Previously, R1 RCM Inc., under different name had several incidents involving thefts of laptops containing unencrypted patient data.
R1 RCM, formerly Accretive Health Inc., is the latest target of a ransomware attack. It is one of the largest medical debt collection firms in the US, with a turnover of over $1.18 billion in 2019.
RCM refers to the revenue cycle management sector that tracks patient records and profits details throughout their life cycle. This includes details like patient insurance, registration, medical treatment documents, benefits verification, bill preparation, and collection, etc.
The company is not new to incidents involving data related risk factors. In July 2011 when R1 RCM was known as Accretive Health, someone stole the company’s laptop containing unencrypted patient data that was stolen from the personal vehicle of one of its employees.
In 2012, a US Senate inquiry revealed that there were nine such incidents in 2011 involving thefts of patient data-bearing company laptops. It was also reported that 30 company laptops had lacked encryption.
Now, according to cybersecurity journalist Brian Krebs, the Chicago-based company’s systems were taken down after being hit by a ransomware attack.
Krebs reported that it is a concerning issue since the company has access to a treasure trove of private, financial, and medical data of millions of patients, including their Social Security Numbers and medical diagnostic data, apart from names and contact information.
See: Authorities bust hac ..
Support the originator by clicking the read the rest link below.
