Patient Records Potentially Viewed at Lone Peak Physical Therapy
Lone Peak Physical Therapy, the operator of 10 physical therapy centers in Montana, had a break-in at its Bozeman billing office and clinical space on October 21, 2023. The robbery was detected on Monday, October 23, 2023, when staff returned to work. The robbery was reported to law enforcement and an inventory was conducted to determine which items had been stolen. They included a safe containing patient payments, billing information, and laptop computers. The laptop computers were encrypted so data on those devices cannot be accessed, nor can they be used to access the network. If the intruder attempts to pawn any of the stolen data, the Gallatin County Sheriff’s Department will be notified.
There were locked filing cabinets in the office that contained hard copies of patient records. Lone Peak Physical Therapy said none of the hard copies appear to have been removed, but it is not possible to tell if any of those files were viewed. The files contained the records of 5,809 patients, and out of an abundance of caution, those individuals have been offered complimentary credit monitoring services.
“Lone Peak apologizes for the stress and worry this situation may have caused its patients and is taking appropriate measures to avoid an incident of this nature from happening in the future.”
First Choice Dental Alerts Patients About the Potential Exposure of their PHI
First Choice Dental, the operator of 11 clinics in Madison and Dane County, WI, has recently reported a 1,000-record data breach to the Office for Civil Rights. Since this is an interim notification, that figure may be amended up or down pending the completion of its investigation.
According to its notification letters, unauthorized network activity was detected on October 22, 2023. A third-party cybersecurity firm was engaged to investigate the breach and determined that an unauthorized third party had accessed its network. The investigation into the incident is ongoing and the data exposed is still being analyzed. Formal data breach notifications will be mailed to the affected individuals when the investigation and file review are completed and it has been determined exactly what types of data have been exposed. In the interim, in the interest of full transparency, patients have been informed about the cyberattack via a website notice.
First Choice Dental took prompt action to block any further access to its network and has implemented several additional safeguards to better protect patient data. These include an XDR/EDR solution on all PC and server endpoints, immutable off-site backups of critical servers and site servers, full password resets for admin accounts, removal of unnecessary admin accounts, patching of the ESXiArgs vulnerability on its VMware vSphere environment, and the implementation of a fine-grained AD password policy for all users. First Choice Dental is also replacing its multifactor authentication and firewall and has disabled remote access until the implementation is complete.
Credit should be given to First Choice Dental for the transparency about the data breach and for providing a detailed interim notification to patients.
The post PHI Exposure Reported by Lone Peak Physical Therapy and First Choice Dental appeared first on HIPAA Journal.