The data of patients at Jefferson Health in Philadelphia was exposed as a result of a security breach at cancer data provider Elekta. On July 19, 2021, the health organization posted on their website regarding a recent security problem affecting some of the patient records at one of their vendors, Elekta, Inc.
Patient names, birth dates, medical history and information, and other clinical information linked to services at Jefferson Health, such as physician’s name and department, date of service, care plan, condition, or medication information, may have been compromised, according to the announcement.
As of this writing, Jefferson Health has notified all patients affected by the data breach and is offering credit reports and fraud protection to those whose social security numbers have been compromised.
Elekta offers SmartClinic, a cloud-based mobile option that allows companies to connect patient data for cancer treatments. A copy of the SmartClinic database, which Jefferson has been using to hold information to the patient treated at the Sidney Kimmel Cancer Center, was stolen when an unauthorized individual obtained access to the company’s system.
Those whose Social Security numbers may have been obtained will receive free credit monitoring and identity theft prevention services from Jefferson Health.
In the aftermath of the hack, the health system stated it is reevaluating its partnership with Elekta in order to avoid a repeat intrusion.
Furthermore, the business claimed, “There was no access to Jefferson Health’s systems, network, or electronic health information in this event. It happened on Elekta’s systems, which included a database of cancer patients seen at Jefferson Health’s Sidney Kimmel Cancer Center. The attack was not directed towards Jefferson Health or any of its facilities.”
“Jefferson Health regrets this occurrence and is dedicated to preserving patient information security and privacy. To help avoid anything like this from happening again, Jefferson Health is re-evaluating its partnership with Elekta,” they said.
Elekta’s data breach in April 2021 harmed numerous US-based healthcare organizations, including Renown Health in Nevada, Lifespan, Southcoast Health, and the Cancer Centers of Southwest Oklahoma, according to a prior study.
On the other news, another institution reported a recent data security incident that may have compromised the sharing of sensitive data contained in the software produced by radiology business Elekta at locations in southern Nevada.