COLONIE — A data breach at an accounting firm has potentially exposed the personal data of patients at the largest independent medical practice in the Capital Region.
Some of the 370,000 patients of Community Care Physicians got letters Tuesday from BST & Co. CPAs about the matter. Community Care followed up Wednesday with notices to patients about the situation and how best to respond.
Neither BST or Community Care would say how many people are potentially affected. Community Care said it was not all 370,000 patients, but was more than the 500-person threshold for mandated reporting under federal healthcare privacy rules. BST also would not say if any of its other clients were affected, but it noted that data for some of the other clients was stored on the computer network that was breached.
The situation stems from a December ransomware attack on BST. Community Care patient data was exposed but there is no evidence it was accessed or misused, BST said. Also, it said, the data involved was not the most sensitive type, such as bank account numbers, social security numbers or medical records — it was patient names, birthdates, record numbers and billing codes. Nonetheless, BST is outlining steps patients can take to protect themselves financially, and is offering free identity monitoring for a year.
Community Care is based on Route 7 in Latham and is a significant part of the Capital Region medical community. It has 400-plus practitioners in 30 specialties plus 1,600 other employees spread across 80 locations in eight counties.
BST is a large accounting and financial management firm based off Wolf Road in Colonie.
In a prepared statement Wednesday, Community Care Corporate Compliance Officer Mackensie Greene said there have been no known adverse effects on patients in the 10 weeks since the breac ..
Support the originator by clicking the read the rest link below.
