UMass Amherst Admits Security Breach
1,670 patients' protected health information may have been accessed.
The University of Massachusetts Amherst recently began notifying clients of the university's Center for Language, Speech and Hearing that their protected health information (PHI) may have been accessed after a computer was infected with malware (h/t MassLive.com).
According to the university, the malware infection was discovered on April 5, 2013.
Data stored on the infected computer included 1,670 patients' names, addresses, birthdates, Social Security numbers, health insurance company names, insurance numbers, primary or referring physicians, and diagnoses and procedure codes.
While an investigation by the university's Office of Information Technologies found no indication that any data was copied from the computer, the university is asking all potentially affected patients to keep an eye out for "any unusual activity with respect to your health information to limit the likelihood of misuse of PHI."
The university says it has responded to the incident by installing software on all workstations to detect malicious activity, identified all files containing personal information. The university also plans to provide all staff with additional training in security practices.