Keystone Health Data Breach Impacts PHI of 235K Individuals
Pennsylvania-based Keystone Health discovered a data breach in August that potentially impacted more than 235,000 individuals.
Source: Getty Images
By Jill McKeon
- Keystone Health, a Pennsylvania-based team of primary care providers, disclosed a healthcare data breach that potentially impacted the protected health information (PHI) of 235,237 individuals.
“While we have a robust information security system in place, unfortunately, no system is perfect, and we recently identified and addressed a cybersecurity incident,” Keystone Health told patients.
Keystone Health discovered the security incident on August 19 and later determined that an unauthorized party had accessed files within its system between July 28 and August 19.
The files contained patient names, clinical information, and Social Security numbers. Keystone began mailing letters to impacted individuals and offered credit monitoring services to those who were eligible.
“We value the trust our community places in Keystone Health, and we deeply regret any concern this may cause our patients and their families,” the notice continued.
“To help prevent something like this from happening again, we are implementing new network security measures and providing additional training to our employees.”
Valle del Sol Breach Impacts 70K
Arizona-based community health center Valle del Sol disclosed a breach to HHS that impacted 70,268 individuals.
According to a breach notice, Valle del Sol discovered unusual network activity on January 25, 2022. After discovering the breach, Valle del Sol learned that some data, including protected health information, were potentially accessed or acquired by an unauthorized actor.
The incident potentially involved names, medical record numbers, Medicare or Medicaid numbers, dates of birth, Social Security numbers, driver's license numbers, clinical or diagnosis information, and health insurance member ID numbers.
Valle del Sol concluded its information review in mid-July and began notifying customers of the breach in September, months after the initial breach discovery. Valle del Sol said it was unaware of any instance of attempted misuse of the breached information.
