Following an October 2019 ransomware attack, MyEyeDr. Optometry of Colorado began notifying patients Feb. 7 that their protected health information information may have been exposed.
After discovering that some patient records had been encrypted, the provided contacted a third-party computer forensic firm to investigate and help with the recovery process. Upon investigation, the provider determined patients who received care between Dec. 1-10, 2019, may have been affected. According to the Office for Civil Rights breach portal, 1,475 patients were affected.
While MyEyeDr. was able to restore many of the patient records, some remain encrypted. There is no evidence that patient data has been removed from the provider or misused. However, patient data that may have been exposed included, names, dates of birth, diagnoses, clinical information and treatment information.