SAN ANTONIO — Patients of Baptist Health System and Resolute Health Hospital are beginning to receive notifications of a data breach, in response to a cybersecurity incident that affected patients across Texas.
The breach, which was discovered on April 20, involved the possible infection of malicious code by an unauthorized party, and may have affected patients at Baptist Medical Center, which includes San Antonio-area facilities, and Resolute Health Hospital.
When asked about the size of the data breach, representatives from Baptist Health would not release the number of individuals who are possibly affected.
In the notice sent to patients, Baptist Health officials state that an investigation is ongoing, and a national forensic firm is assisting with the investigation and remediation efforts.
According to a press release from Baptist Health Systems, the personal information involved in the incident may have included one or more of the following:
- Demographic information to identify and contact the patient, such as full name, date of birth, and address
- Social security number
- Health insurance information, such as name of insurer/government payor, policy and/or group number
- Medical information, such as medical record number, dates of service, provider and facility names, chief complaint or reason for visit, and other visit, procedure and diagnosis information
- Billing and claims information, such as account and/or claim status, billing and diagnostic codes, and payor information.
The press release goes on to state that driver’s license numbers, credit and debit card information, bank account information, and account passwords were not involved in the breach.
As a result of the incident, Baptist Health officials say security and monitoring capabilities are being enhanced and systems are being hardened to minimize risk of future incidents. Patients are also being urged to monitor their accounts, and report any suspicious activity.