OS, Inc. provides revenue management (billing) services to covered entities. I recently reported on a phishing-related breach they experienced in 2018 that was first disclosed this month. As I noted in that post, their notification specifically mentioned a number of their affected clients. Their disclosure did not, however, provide a total number of patients affected, nor name clients who probably wanted to make the disclosure to their patients themselves.
So here’s what we know so far, and there’s likely a lot more to come:
- Spectrum Health Lakeland: they disclosed the breach to 1,100 St. Joseph’s patients
- Tahoe Forest Health District – mentioned in OS’s notice, but no release or numbers from them yet.
- Sparta Community Hospital – mentioned in OS’s notice, but no release or numbers from them yet.
- Sauk Prairie Healthcare, Inc. – mentioned in OS’s notice, but no release or numbers from them yet.
- Idaho Department of Health and Welfare – mentioned in OS’ notice. A media report reveals that 2,060 were notified.
- Fort Healthcare in Wisconsin – mentioned in OS’s notice. A media report reveals that they are reportedly notifying 19,000 patients.
- Midwest Medical Center – not mentioned in OS’s notice, but media reports that they are notifying 8,000 patients.
I’ll try to update this post as I find more details. Feel free to let me know of any updates if you find them.