Meditab, an EMR and practice management software provider, has notified two healthcare providers in Maryland that their patients' personal health information may have been exposed, according to the HIPAA Journal.
The EMR provider became aware that some protected health information could be viewed by unauthorized parties in March. Upon investigation, Meditab found that between Jan. 9 and March 14 a limited number of faxes that contained medical information could be accessed.
Meditab has since corrected the issue, saying fewer than 5 percent of the faxes that passed through the system were exposed. Meditab had created a portal to view records for its Fax Cloud service. When the faxes were transmitted, a link to the image on a separate and secure server was temporarily available, the HIPAA Journal reports.
Capital Cardiology Associates in Lanham, Md., was notified that 1,980 patients may have been affected. Meditab alerted Greenbelt-based Southern Maryland Medical Group that 1,400 patients may have had their data exposed.
Patients' names, addresses, phone numbers, dates of birth and medical records and treatment notes were affected by the data breach.
Meditab is unaware of any data misuse from the breach. It is still unclear if other healthcare providers have been affected by the breach.