From their press release:
LifeBridge Health and LifeBridge Potomac Professionals announced today that it is sending letters to patients about a recent security incident involving patient information.
On March 18, 2018, LifeBridge Health discovered that malware infected the server that host LifeBridge Potomac Professional’s electronic medical record, and LifeBridge Health’s patient registration and billing systems. LifeBridge immediately began an investigation, engaged a national forensic firm, and determined that the unauthorized person accessed the server on September 27, 2016. The information potentially accessed may include patients’ names, addresses, dates of birth, diagnoses, medications, clinical and treatment information, insurance information, and in some instances social security numbers.
At this time, LifeBridge Health and LifeBridge Potomac Professionals has no reason to believe that the patient information has been misused in any way. However, as a precaution, LifeBridge Health is sending letters to patients, and has established a dedicated call center to answer any questions patients may have. For those patients whose Social Security numbers were potentially involved, LifeBridge is offering a one-year complimentary credit monitoring and identity protection services. LifeBridge Health also recommends that patients review their billing statements and explanation of benefits they receive. If patients see services that they did not receive, they should contact the provider or insurer immediately.
To help prevent something like this from happening again, LifeBridge has enhanced the complexity of its password requirements and the security of its system.
For additional information about this incident, please visit the LifeBridge website at www.lifebridgehealth.org.
SOURCE LifeBridge Health and LifeBridge Potomac Professionals
Of note, although they point to their site for more info, I see no notice or information on their site as of the time of this posting.