Cook County Health Alerts 1.2 Million Patients of Data Breach Involving Medical Transportation Firm

In a concerning development, Cook County Health has issued a warning that more than 1.2 million patients may have had their personal information exposed in a data breach involving medical transportation firm Perry Johnson & Associates (PJ&A). The breach occurred earlier this year and was brought to light by PJ&A in July, leaving a significant number of patients potentially impacted.

PJ&A, which previously provided medical transportation services for Cook County Health's hospitals and clinics, disclosed that an unauthorized individual gained access to systems where patient data was stored in April. This unauthorized access raised alarms about the security of personal information belonging to Cook County Health patients.

In response to the data breach, Cook County Health took swift action by terminating its contract with PJ&A and discontinuing the sharing of patient data with the company. On October 9, PJ&A provided Cook County Health with a final list of patients who might have been affected by the breach, revealing that records for approximately 1.2 million patients were compromised.

The information that may have been exposed in the breach includes sensitive data such as names, dates of birth, addresses, medical record numbers, encounter numbers, medical information, and dates and times of service. Alarmingly, around 2,600 patients' Social Security numbers may also have been included in the records involved.

Despite the breach, Cook County Health emphasized that it has not found any evidence of the misuse of personal information. Nevertheless, the health system has issued a statement advising patients to monitor their medical bills for any suspicious activity. Cook County Health remains committed to preserving the privacy of its patients and has offered apologies for the incident.

In response to the breach, Cook County Health is taking proactive measures to support affected patients. The health system is in the process of notifying individuals whose data may have been compromised. It is also providing patients with essential tips on safeguarding their personal information and guidance on how to monitor their credit reports. For those patients whose Social Security numbers may have been impacted, Cook County Health is offering the opportunity to enroll in free credit monitoring and identity protection services.

This incident serves as a stark reminder of the importance of robust data security measures and the ongoing need for vigilance in protecting sensitive personal information. Cook County Health continues to work closely with its business associates to ensure the appropriate protection of patient data, and the incident underscores the significance of data privacy in the healthcare sector.

The GRC Report is the first word in governance, risk, and compliance news. As your trusted source for comprehensive coverage, the GRC Report keeps you informed and equipped to navigate the evolving landscape of governance, risk, and compliance. And remember, the GRC Report isn't just a news source; it's a community of professionals who share your passion for GRC excellence. Don't miss out on our insightful articles and breaking news – join the conversation and empower your GRC journey.