Rockford (Ill.) Gastroenterology Associates filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights on Oct. 30 after becoming aware of a 2023 cyberattack.
On Oct. 30, the practice sent a letter to 147,253 patients explaining that the incident resulted in an unauthorized party being able to access patients’ sensitive information, which includes their personal information and health information, according to a Nov. 21 news release from JDSupra.
After learning of a potential data breach, the practice launched a third-party cybersecurity investigation that determined certain files and folders containing confidential patient information were accessed by the unauthorized party on December 16, 2023.
RGA was able to confirm that the practice’s electronic health records system was not affected in the breach.