Clinic Reports Malware Attack

19,000 Oklahoma Patients Notified
Clinic Reports Malware Attack
An Oklahoma clinic has notified more than 19,000 patients that one of its computers was infected by malware capable of retrieving data.

The computer contained patient names, addresses, Social Security numbers, birth dates and a variety of healthcare information, according to the University of Oklahoma's Tulsa neurology practice.

The clinic, which detected the virus July 28, says it's unaware of any misuse of information from the computer. "Although it is not possible at this time to determine what documents on the computer, if any, were accessed by the virus, in an abundance of caution, the clinic is notifying those individuals whose information and documents were stored there," the university said in a statement.

"As a result of this incident, the clinic has taken additional steps to ensure the safety and privacy of data, such as increasing the frequency of software and security updates," according to the statement.

The incident was recently added to the Health and Human Services' Office for Civil Rights' list of major healthcare information breaches. Breaches affecting 500 or more individuals must be reported to OCR within 60 days, according to the HITECH Act's interim final breach notification rule.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.