Flora, IL. – December 15, 2014 –On November 2, 2014 Clay County Hospital received an anonymous email that contained protected health information of some clinic patients. The email sender threatened to release this information to the public if they did not receive a substantial payment from the hospital. The hospital immediately notified law enforcement and quickly launched a forensic investigation to determine the source and scope of the incident. All affected patients were notified by first-class mail on December 15, 2014.
The compromised data was limited to patients who visited a Clay County Hospital clinic on or before February 2012 and is limited to name, physical address, social security numbers and date of birth. No medical information was accessed or disclosed. Extensive reviews from outside forensic experts concluded that Clay County Hospital servers have not been hacked and remain secure due to the rigorous security program that meets the standards set by the HIPAA HITECH Act. In order to prevent future incidents, Clay County Hospital is implementing extra internal security measures. These include additional logging systems and auditing features to track and control data access.
With a continuing commitment to protecting patient information, Clay County Hospital has contracted with ID Experts® to provide an informational toll-free number and website to answer questions about this incident. Affected patients with questions regarding this incident can visit www.myidcare.com/claycounty or call 1-888-281-7040, Monday through Friday from 9 am – 9 pm Eastern Time.
This press release is in accordance with the Health Information Technology for Economic and Clinical Health (HITECH) Act. Clay County Hospital has notified patients and the Department of Health and Human Services (HHS).
SOURCE: Clay County Hospital
Note: PHIprivacy.net has reached out to the hospital’s marketing firm to request additional information on this incident, and will update this post if more information is made available.
Update: The total affected population is 12,621 patients, all of whom are in Illinois. The hospital is not revealing any other details at this time, due to the active investigation.