Jefferson Cherry Hill hospital reports data breach, informs patients
Take action: A lot of data is kept on backup hard drives, and those are quite portable and easy to move around - even to steal. That's why you need to consider encrypting the backup data, so if the drive is lost or stolen, it's not really useful.
Learn More
Jefferson Health's Cherry Hill hospital has issued an alert regarding a potential data breach that could have exposed the personal information of some of its patients.
The healthcare provider informed that the potential data breach is caused by a missing backup DEXA scan drive that contains patient data. The potential breach came to light due to a maintenance technician's observation during their work on the machine. The technician discovered the absence of the portable backup device from the larger DEXA scan machine.
Upon a full investigation, it cannot be determined if the device was lost or stolen.
A DEXA scan machine, or Dual-Energy X-ray Absorptiometry machine, is a medical device used to measure bone density and body composition. It uses low-dose X-rays to assess bone health and the proportion of muscle, fat, and other tissues in the body. This helps diagnose conditions like osteoporosis and provides insights into overall health.
Jefferson Health did not disclose the number of patients affected. In terms of the information that may have been compromised, Jefferson Health disclosed that the data on the drive could be accessible and includes
- names,
- dates of birth,
- medical record numbers,
- dates of studies,
- in certain instances, mailing addresses.
The healthcare provided a very peculiar wording about other sensitive details such as Social Security numbers, driver's license information, phone numbers, and insurance numbers - that those are not viewable without the necessary credentials, specific system software, and additional technological access, the release clarified. It's unclear whether those details are present on the DEXA drive but somehow better protected, or not present on the drive at all.
The affected patients are urged to diligently monitor their credit reports and take proactive steps by getting in touch with any of the three major credit bureaus to implement a fraud alert on their credit report.
In response to this incident, Jefferson Health is taking measures to review and reinforce its security protocols.
