Ariel Hart reports:
Wellstar Health System suffered a data breach through its email system, it reported Friday afternoon.
Wellstar said it learned two months ago that someone unauthorized had gained access to two email accounts. Via those accounts, patients’ health care information was exposed, including patient laboratory information, Wellstar said in a written statement.
“After an extensive forensic investigation and manual document review, Wellstar discovered on February 7, 2022 that one or more of the email accounts accessed between December 6, 2021 and January 3, 2022 contained identifiable personal and/or protected health information,” the statement said. “Wellstar has no evidence to suggest that any data is misused or otherwise in the possession of someone it should not be.”
Read more at ajc.
Wellstar’s full statement can be downloaded at https://www.wellstar.org/-/media/2022-03-04–wellstar-media-notice9.pdf?rev=41e9f23d01484df195599a8183b33beb
As Ariel Hart reported, the statement does not indicate how many patients were being notified.
Nor does it actually tell anyone when they first discovered they had a breach. February 7 is when they learned/discovered/confirmed that PHI was involved, but when did they first discover the breach itself?
It’s notifying the patients whose information was contained in the accounts. The information exposed included names, medical record numbers, unique Wellstar account numbers, and laboratory information, the statement said. The exposed information did not include Social Security numbers or financial information, it added.
Wellstar bills itself as one of the state’s largest healthcare systems with 11 hospitals; more than 300 medical office locations; 9 cancer centers; 74 rehabilitation centers; 3 hospice facilities; 1 retirement village; 34 imaging centers; 17 urgent care locations; and 5 health parks.
Wellstar announced Wednesday that it will close the emergency department and hospital beds at its hospital in East Point, Wellstar Atlanta Medical Center South, in May. The facility will instead become a 24-hour clinic for urgent care and rehabilitative services.
The hospital, Wellstar Atlanta Medical Center South, currently has the only ER within Fulton County south of I-20.