Orlando Orthopaedic Center experienced a security breach late last year, which
exposed patient information on the internet, according to a news release issued by the practice.
A server belonging to a transcription service vendor was unsecured during December 2017 because of a software update, making its contents, including certain protected health information, viewable on the internet, according to the news release.
Orlando Orthopaedic Center learned about the breach in February and launched an investigation.
According to the practice, the following information may have been exposed:
- Name, date of birth, type of treatment, insurance information, and employer.
- The Social Security numbers of a limited number of patients.
No credit or debit card, banking or financial accounts were involved, according to the practice.
Orlando Orthopaedics is not aware of any reports of fraud, theft or improper use of the exposed information so far, the practice said in the news release.
Affected patients have been notified and given information about best practices to protect their information. They’re advised to review the health insurance statements and follow up with the insurance company if they see items they don’t recognize.
The practice has also provided credit monitoring and identity theft restoration services to patients whose Social Security numbers were potentially compromised.
The vendor has since fixed the issue.
Orlando Orthopaedics is now conducting ongoing cyber awareness training for its workforce and regularly updates its system’s security and firewalls, the practice said in the news release.
Patients who have questions can call a dedicated number, (877) 940-2810, between 9 a.m. and 6 p.m. Monday through Friday.