Athens Orthopedic Clinic won't provide credit monitoring following breach affecting 200k patients

Healthcare organizations that suffer a data breach typically offer patients and other affected individuals with free credit and identity monitoring for at least a year following a security incidence, but Athens (Ga.) Orthopedic Clinic says it can't afford to do so, reports the Athens Banner-Herald.

Athens Orthopedic Clinic began notifying patients of the breach in late July. A hacker used the credentials of a clinic contractor to access AOC's EMR June 14. The clinic learned of the breach June 27. Compromised information includes names, addresses, Social Security numbers, birth dates, telephone numbers and account numbers, as well as potentially diagnoses and medical histories, according to the breach notification letter sent to patients.

The letter advises patients to call any of the three major credit bureaus toll-free (Equifax, Experian and TransUnion) to place a fraud alert on their credit reports, receive a copy of their credit reports and examine the report for signs of fraud.

However AOC will not pay for extended credit monitoring for patients, which has upset patients, according to the Athens Banner-Herald.

In a Friday statement obtained by Athens Banner-Herald, AOC CEO Kayo Elliott said, "[Patients] wish we could pay for extended credit monitoring. So do we. We truly regret that we are unable to do so, as we are not able to spend the many millions of dollars it would cost us to pay for credit monitoring for nearly 200,000 patients and keep Athens Orthopedic as a viable business."

AOC appears to have been facing criticism for its handling of the breach for a couple weeks. In an Aug. 6 opinion piece in Athens Banner-Herald, Chip Ogburn, MD, a trauma surgeon at AOC, said he was reading "too many negative, and at times inaccurate, remarks" about the breach, largely on social media. "Many of the social media comments I read indicated that AOC is, at a minimum, negligent or, at worst, complicit with the felony that occurred. This could not be further from the truth. I assure you that every single physician is incredibly distraught with this violation of our responsibility to you and the relationships that we have built," he wrote.

AOC is reportedly working with IT and security experts to test and improve its system.

More articles on data breaches:

Bon Secours vendor breach affects 655k patients
Company issuing health plan ID cards hit with data breach affecting 3.3M 
Oregon State Hospital reports breach after clinician texts patient medical data 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars