Piedmont patients had private information compromised in data breach, hospital system says
Atlanta-based Piedmont Healthcare, which includes two hospitals and a cancer treatment center in Columbus, is mailing letters to an undisclosed number of patients to inform them that a data breach has compromised some of their private information.
The data breach occurred at one of its vendors, South Carolina-based Blackbaud, a third-party management services provider used by the Piedmont Healthcare Foundation in connection with its fundraising activities.
“On July 16, 2020, Blackbaud informed the Foundation it discovered that an unauthorized individual had gained access to Blackbaud’s systems between February 7 and May 20, 2020,” Friday’s news release from Piedmont says. “. . . Piedmont immediately took steps to understand the extent of the incident and the data involved.”
After its investigation, “Piedmont has reason to believe that it contained patient names, demographic information (including addresses, phone numbers, and email addresses), medical record numbers, the Piedmont facility where care was administered, physician names, and/or some diagnosis information,” the news release says.
Piedmont emphasized, “Social Security numbers, and financial and credit card account information were encrypted, and therefore were not accessed by the unauthorized individual. Also, this incident did not involve any access to Piedmont’s medical systems or electronic health records.”
In its news release, Piedmont didn’t say how many patients are affected or where they were treated. The Ledger-Enquirer asked Piedmont whether the data breach involves patients of Piedmont Columbus Regional’s facilities, such as the Midtown and Northside hospitals and the John B. Amos Cancer Center.
“We’re not going to provide any additional information beyond what is in the press release,” Piedmont spokesman John Manasso told the L-E in an email.
“For individuals who believe they may have been affected, Piedmont recommends that you review the statements you receive from your healthcare providers,” the news release says. “If you see services you did not receive, please contact the provider immediately.”
A toll-free phone number has been established to handle questions about the data breach: 1-866-925-2023, open from 9 a.m. to 6:30 p.m. EDT Time, Mondays through Fridays, excluding major U.S. holidays.
“Piedmont takes this matter very seriously and regrets any negative impact or inconvenience this incident may cause to its patients,” the news release says. “To help prevent something like this from happening again, Piedmont is undertaking a review of how its information is stored with Blackbaud and evaluating its security safeguards.”
This story was originally published September 11, 2020 at 4:13 PM.
