Jefferson Health cancer patients affected by the Elekta cyber attack
In April, the personal information of some Jefferson Health cancer patients was leaked as part of a cyber attack on the supplier’s data system.
Jefferson Health learned on May 26 that its patients were affected by a data breach by the Swedish medical system company Elekta. The health system said In the notice to the patient on Monday.
Approximately 42 healthcare systems in the United States have been affected by cyberattacks, Atlanta Magazine-Constitution Reported in late April. Those affected include the Yale New Haven health care system in Connecticut and the Emory health care system in Atlanta.
Elekta offers a cloud-based mobile application called SmartClinic, which allows providers to access patient information for cancer treatments. An unauthorized person gained access to the company’s system and obtained a copy of the SmartClinic database, which Jefferson used to store patient information at his Sidney Kimmel Cancer Center.
Jefferson Health would not disclose how many patients were affected by the data breach, nor would it disclose why the health system did not notify them until nearly two months after officials first learned of the hacking.
Jefferson Health stated that the data breach may include the patient’s name, date of birth and medical information. It may also expose clinical information related to the treatment, such as the doctor’s name and department, service date, treatment plan, and diagnosis and prescription information. Some patients’ social security numbers may also be included.
The health system said it does not involve financial account, insurance and payment card information. Cyber ??attacks also do not include access to Jefferson’s systems, networks, electronic health records, or hospitals.
The health system has begun sending letters to people who may be affected by the data breach. Encourage patients to review the statements of their healthcare providers and contact them if they discover any services they have not received.
Jefferson Health is providing free credit monitoring and identity theft protection services for people who may have access to a social security number.
The health system said that after the cyber attack, it is reassessing its relationship with Elekta to prevent future violations.
The health system stated: “Jefferson Health regrets this incident and is committed to protecting the security and privacy of patient information.”
Patients with questions and concerns can contact Elekta’s call center by dialing (866) 281-0520 from 9 am to 11 pm on weekdays and from 11 am to 8 pm on weekends.
Elekta did not respond to PhillyVoice for comment on the incident.