Seen on dailynews.kaango.com, another Bizmatics client discloses the breach to their patients:
(DAILY NEWS) PUBLIC NOTICE: HIPAA Breach Notification. CA Health and Longevity Institute would like to alert patients that in 2015 cyber intruders may have accessed confidential patient information that was stored on an electronic health record system. The clinic uses an electronic health record database called PrognoCIS to store patient information. PrognoCIS was created and maintained by Bizmatics.
The clinic was notified on March 30, 2016, that cyber intruders may have installed malware into PrognoCIS that was not discovered by Bizmatics until the end of 2015. Bizmatics is working with law enforcement and a cyber-security firm on the matter but have been unable to conclude whether or not the clinic’s patients’ information was actually viewed or acquired. The information stored in the server accessed by the unauthorized users includes, but is not limited to, the following: the patients’ names, addresses, phone numbers, birth dates, insurance information, as well as the entire charted medical history of the patient. Therefore, we urge our patients to closely monitor all accounts and credit information.
We do not know if any patient information was accessed but as a matter of caution we want to advise our patients. If you have any questions, please contact Kristy Timpone, Business Manager, at 818-575-8000. Publish May 26, 2016
The notice was also posted on CA Health & Longevity Institute’s web site.