Download our in-depth report: The Ultimate Guide to IT Security Vendors
Billing services provider Parallon Business Solutions recently notified the New Hampshire Attorney General that a former employee had inappropriately accessed 40 New Hampshire residents' personal information (h/t PHIprivacy.net).
The 40 affected residents were patients at 13 different physicians' practices for which Parallon provided billing services.
"On February 5, 2014, we were notified by the Metropolitan Police Department of Nashville, Tennessee and the United States Secret Service about an investigation of a former employee regarding theft of personal information between August 27, 2012 and April 23, 2013," Parallon privacy officer Carolyn Regen wrote in a letter [PDF] to the Attorney General's Office.
The data accessed by the former employee included names, Social Security numbers, home addresses and health insurance information.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"We do not know whether the former employee has misused or disclosed your information; however, the police have determined that the former employee has used identities of others to engage in fraud, such as fraudulently obtaining credit, leasing apartments and/or opening accounts with utilities and phone companies," Parallon compliance officer Susan Mitchell wrote in the notification letter [PDF] to affected patients.
All those affected are being advised to consider placing fraud alerts on their credit files, and are being offered one free year of credit monitoring services from TransUnion.
The same incident also resulted in the exposure of 40 LewisGate Regional Health System patients' personal data, which was reported earlier this month. According to news reports at the time, it was those patients' information that was used to obtain credit, open accounts and lease apartments.