A growing list of hospitals and health systems across the U.S. are reporting data breaches linked to a ransomware attack on CaptureRx, a San Antonio, Texas-based health IT company that helps hospitals manage their 340B drug programs.
Four things to know:
1. Faxton St. Luke's Healthcare, an affiliate of Utica, N.Y.-based Mohawk Valley Health System, this month began notifying more than 17,000 patients that their protected health information had been exposed in the CaptureRx breach.
2. CaptureRx said it discovered unusual activity in some files on its IT systems in February; these files contained protected health information of patients at Faxton St. Luke's and other providers.
3. Binghamton, N.Y.-based Lourdes Hospital also reported patient information exposed by the breach. The hospital said it became aware of the incident last month, according to a May 6 Binghamton Home Page report.
4. Gifford Health Care in Randolph, Vt., said data on 6,777 of its patients was exposed by the breach. A hospital spokesperson told Valley News May 3 that CaptureRx had experienced a ransomware attack, and the hospital reported the breach to HHS.