Fred Hutchinson Cancer Center (FHCC) is a three-location care network that delivers solutions for cancer patients. They are an independent organization that provides experience for the University of Washington’s Medicine programs. FHCC’s multiple locations allow for over 400 treatment trials, giving even patients with advanced diagnoses hope for the future.
Our first breach report of 2024 concerns Boston’s retired Fallon Ambulance Service (FAS). When operating, FAS was a medical transcription company serving emergency services and other affiliated companies. Transformative Healthcare (TH) oversaw FAS as a support component of their telephone services. TH absorbed FAS in December 2022 but retained patient data in compliance with their legal obligations.
HealthEC (HEC) is an analytics and AI-assisted solution that siphons all relative information about patients into cohesive packages. Their tech can identify high-risk patients and their barriers to optimal care while providing options to close these care gaps. The data comes from healthcare systems and integrates with claims data to represent the patient best.
Welltok provides a multi-use platform allowing institutions and individuals to manage their health and well-being. It is a third-party solution that caters to clinics, health networks, industry leaders, and private clinics. They also offer personalized resources and solutions meant to improve the health and lives of applicable patients.
The West Virginia University Health System (WVUHS) contains multiple institution locations, hospitals, and clinics. Welltok is a communications platform that allows patients and physicians to speak while encouraging healthy lifestyles. Like thousands of other medical providers, Welltok utilizes a third-party vendor to manage and maintain patient information; this vendor is Progress Software’s MOVEit.
In Oregon, the Neuromusculoskeletal Center of the Cascades and Cascade Surgicenter collectively are “The Center.” The professionals that work there are highly trained doctors from many fields, including physiatry, occupational medicine, neurosurgical, and orthopedic care. The Center serves central Oregon at three stand-alone clinics and rural treatment at six shared clinics.
Norton Healthcare consists of over 430 locations between Kentucky and Indiana. The clinics meet over two million a year, including adult and pediatric patients. The hospital offers one of the largest not-for-profit healthcare systems in the region and employs over 25,000 faculty members. Norton Healthcare is a community powerhouse in the region; this makes their announcement of a data breach all the more disturbing.
It’s the small vines, not the large branches, that trip us up in the forest. Apparently, it’s no different in Healthcare. In November, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Mitigation Guide aimed at the Healthcare and Public Health (HPH) sector.
