The digital age has transformed how medical practices store and manage patient data. These technological advances come with vulnerabilities, as evidenced by the recent data breach at Pioneer Valley Ophthalmic Consultants (PVOC).
Below, our experienced data breach attorneys dive into the events surrounding this breach and what they mean for patients and the wider community.
Pioneer Valley Ophthalmic Consultants recently disclosed two incidents related to the breach of patient data.
These breaches, however, didn’t originate from PVOC’s internal systems. They stemmed from issues with a third-party vendor, Alta Medical Management, and ECL Group, LLC, collectively known as AMM. AMM had been providing billing and accounting services to PVOC’s patients.
On March 3, 2022, PVOC discovered that from November 13 to 15, 2021, AMM’s billing servers were compromised due to a malware attack by an unidentified actor.
As PVOC sought more details about this event, they also learned of another vulnerability. On May 11, 2022, investigators revealed that Alta’s online patient portal had potential unauthorized access to payment receipts until October 26, 2021.
Importantly, PVOC clarified that these incidents were isolated to AMM’s systems and did not involve any of PVOC’s own computer systems or website.
What is PVOC Doing?
On learning of these breaches, PVOC collaborated closely with AMM to establish the full extent of the breaches. AMM has since boosted its security protocols with added measures to protect its digital environment. They are also enhancing their technical capabilities by bringing on board more security personnel.
In addition to alerting government regulators as mandated, PVOC is offering affected individuals 12 months of complimentary credit monitoring services through Cyberscout, facilitated by Identity Force—a company under TransUnion, which specializes in fraud assistance and remediation services.
PVOC emphasizes that these services can alert users on the same day that any changes occur in their credit file in real-time.
Contact a New York Data Breach Lawyer
The path forward involves being proactive for those impacted by the PVOC data breach. Constant vigilance against potential identity theft, reviewing account statements, and monitoring credit reports are recommended.
PVOC’s credit monitoring services offer and proactive fraud assistance further equip you to protect your data.
At Jacoby & Meyers, LLP, we are committed to aiding victims of such breaches, providing guidance and support in these challenging times. Contact us today for a case evaluation.