Patients who were treated in the emergency room, Same Day Surgery Center or Urgent Care site at the Siena, San Martin or De Lima campuses of St. Rose Dominican Hospital in Las Vegas between July 17 and Oct. 16, 2017 that received a signed DJO Global patient product agreement form when they received their DJO product may have had their personal information exposed.
The medical device supplier learned shortly after the forms were picked up by its third-party vendor to be mailed to DJO that they may have been lost in transit. The forms may have contained patients' names, addresses, phone numbers, dates of birth, physician's names, physician's locations, product information and health plan identification numbers.
DJO said it has conducted a thorough investigation and doesn't have any evidence any information has been misused.
The company has taken steps to prevent future incidents, including implementing new quality controls in its mailing processes and retraining its vendor on safeguarding paper records that contain protected health information.
Affected patients who visited the hospital within the specified timeline may qualify for one free year of Experian IdentityWorksSM protection.
More articles on cybersecurity:
Phishing attack at Bronson Healthcare Group may have compromised 8k patients' information
Ripple's co-founder now worth more than Google's Larry Page, Sergey Brin
Microsoft, Amazon, Google scramble on updates addressing chip vulnerability