HealthSource of Ohio (HSO), a non-profit Federally Qualified Health Center (FQHC), recently announced that 8,800 patients' personal information may have been exposed when a file containing the data was mistakenly made available online (h/t PHIprivacy.net).
HSO learned on December 24, 2013 that the file had been unprotected and accessible online since November 18, 2013.
The file contained names, account numbers, addresses and phone numbers for 8,800 patients seen between 2004 and 2013. Some listings also included additional information such as Social Security numbers, birthdates, credit card numbers and limited healthcare information.
An investigation determined that the file had been viewed 47 times.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
"Individuals who called HSO's patient accounting staff during the time period above with questions about their account should examine their personal and financial information, such as credit card accounts and accounts with financial instutitions for unusual or authorized activity," HSO said in a statement [PDF].
Patients with questions are advised to contact HSO at (800) 495-7647.