Parallon Business Solutions in Tennessee provides billing services for physician practices.
On February 5, 2014, they were informed by Metropolitan Police in Nashville and the Secret Service that a former employee was under investigation for stealing patient information. The data theft occurred between August 27, 2012 and April 23, 2013 and included patients’ names, addresses, Social Security numbers, and health insurance information.
Parallon notified affected patients on March 21, and offered them free credit monitoring services with TransUnion.
Forty residents of New Hampshire were affected by the breach. Those 40 patients were from 13 physician practices in the state: PRH Hospitalists and the following practices that are all part of Appledore Medical Group: Beacon Internal Medicine, Coastal NH Neurosurgeons, David J. Itkin, MD, Mark Henschke DO, Portsmouth Family Practice, Portsmouth Internal Medicine Associates, Thoracic and Vascular Associates, Woodbury Family Practice, Portsmouth Primary Care Associates, Parkland Physician Services Parkland Primary Care, Clipper Cardiovascular Associates, and Women’s Health Associates.
The total number of patients affected nationwide was not reported in their notification to New Hampshire.
Note that this breach report is related to a breach recently reported by LewisGale Regional Health System. In that case, Parallon provided billing services for Salem Hospitalists.
Media coverage of the LewisGale breach suggested that 400 patients may have been affected nationwide, and that in some cases, patient information was misused for new account fraud, leasing apartments, or utilities accounts.