Brie Zeltner reports:
The MetroHealth System is notifying almost 1,000 patients who received heart catheterization procedures at the hospital over the past year that their protected health information may have been accessed when three computers were hacked there.
The health system discovered “malware” or malicious software, on three computers in its Cardiac Cath Lab, according to a statement released Friday. The software was discovered March 17 on only those computers, and affected patients who had procedures in the lab between July 14, 2014 to March 21 of this year.
It appears that the breach occurred after a business associate disabled antivirus software on the computers before a software update.
There is no evidence that any health information was accessed, MetroHealth said.
The computers did not contain financial information, which is usually the target of such malicious software. Patient information in the computers included:
Patient name; date of service; date of birth; height; weight; medications administered during the procedure; medical record number; case number (limited to only to that procedure); and cardiac catheterization raw data such as tracings of EKG and oxygen saturation.
Read more on Cleveland.com.