The number of healthcare organizations affected by the data breaches at the Eye Care Leaders, the US-based software business that serves ophthalmology services, is increasing steadily. In the most recent development, Massengale Eye Care, Oklahoma, reported a third-party data security incident giving rise to the fear of unauthorized access to their systems. Over 40 eye care providers have been impacted by this cyber incident, according to a HIPPA Journal post.
A notification published by Massengale stated that there is no evidence of misuse of the patient’s personal information, just like in the case of the other organizations impacted by the ECL data breach. Eye Care Leaders, which offers an ophthalmology-specific EMR solution, suffered unauthorized access to its myCare Integrity system. Massengale clarified that it has been using myCare Integrity since 2017.
Data breach in the Eye Care Leader’s network environment
According to Eye Care Leaders, the systems of its product myCare Integrity suffered unauthorized access on or around December 4, 2021. The hacker also deleted databases and system configuration files. Upon detecting it, the incident response team of ECL stopped the unauthorized access and initiated investigations. Hackers have possibly gained access to personally identifiable information (PII) of users that was available in the systems, including names, dates of birth, addresses, social security numbers, health information, and health insurance data.
The cost to companies owing to data breaches
Data breaches cost healthcare providers existing patients and the destruction of goodwill affect their future business. According to a research report published by LexisNexis Risk Solutions, the cost of acquiring a new customer for the top 100 healthcare payers is more than 300% times that of maintaining an existing customer. Data breaches are making rebuilding memberships a challenging task for payers.
According to a post published by the HIPPA Journal, there were about 59 reported instances of data breaches in US healthcare sector in a month. It also reported that patient records of 31,705,618 members have been exposed so far in 2022. The largest data breach in healthcare was witnessed by the Wolfe Clinic in Iowa, which exposed records of over 542,000 patients. Interestingly, this data breach was due to the Eye Care Leaders systems attack since Wolfe clinic also used myCare Integrity which is ECL’s electronic health record provider
Eye Care Leaders faced a proposed class action for not adhering to agreements and concealing the breaches from its clients.