Jefferson Health warns 4,100 patients of possible data breach at Cherry Hill hospital
An outside technician discovered in June that a device used for bone density tests was missing a backup drive.
Jefferson Health on Tuesday warned 4,100 patients about a possible data breach at its hospital in Cherry Hill.
In June, a maintenance technician discovered that a backup drive for a device used to test bone density was missing, the health system said in a statement posted on its website. The system’s investigation was unable to determine if the drive was lost or stolen, Jefferson said.
Patient information that could be easily viewable on the drive includes names, dates of birth, medical record numbers, the date of studies, and in some cases, mailing addresses, Jefferson said. Getting access to diagnoses, phone numbers, social security numbers, insurance or driver’s license numbers, and scans would be difficult, Jefferson said.
Jefferson on Tuesday mailed letters to patients warning of the possible breach.
Jefferson’s warning comes as several Philadelphia-area health systems are dealing with data protection issues.
In a different type of breach, Crozer Health in Delaware County and other hospitals owned by Prospect Medical Holdings Inc. were hit by a ransomware attack in early August. Those hospitals have yet to recover, and are still using paper records for patient care.
Last year, federal and state authorities were investigating allegations that a Main Line Women’s Healthcare employee used a cell phone to capture confidential information from medical charts, potentially affecting more than 800 patients at the ob-gyn practice, which has offices in King of Prussia, Malvern, Plymouth Meeting, and Bryn Mawr.