Hyde Park, N.Y.-based CoPilot Provider Support Services, a healthcare administrative services and IT organization, reported a data breach affecting 220,000 individuals.
In October 2015, CoPilot's database, which healthcare professionals use to advise patients on whether certain treatments are covered by insurance, was illegally accessed. The data of 220,000 patients — including names, genders, dates of birth, addresses, phone numbers, health insurance information and occasionally Social Security numbers — was accessed.
CoPilot learned of the situation on Dec. 23, 2015. After an investigation, CoPilot learned that financial information and medical treatment records were not accessed. CoPilot "does not have evidence to suggest that any patient information was distributed or misused for purposes of identity theft or to cause financial harm."
The organization mailed notification letters to patients impacted by the breach and set up a call center to answer their questions. CoPilot is also offering theft protection services to affected patients.