Patients and employees at a number of nursing and rehabilitation centers located in Illinois are being informed about the potential compromise of some of their protected health information (PHI) due to a cyberattack on Dynamic Health Care, Inc.
Dynamic Health Care offers administrative, consulting, and back-office services to nursing and rehabilitation establishments in Illinois that need access to selected staff and patient information. On November 8, 2020, Dynamic Health Care found out that malware was installed on a number of computers inside its network. The malware incident was investigated to identify the complete nature and extent of the incident.
Dynamic Health Care stated that an unauthorized person got access to its network from November 8, 2020 to January 7, 2021. During that time when the attacker had access to the network, the attacker possibly read or obtained data concerning employees and nursing home residents at facilities such as Waterfront Terrace, Woodbridge Nursing Pavilion, Bridgeview Health Care Center, Ottawa Pavilion, Willow Crest Nursing Pavilion, and River North of Bradley Health & Rehabilitation Center.
A thorough analysis was done of all records on the impacted computers, which affirmed the exposure of sensitive data. The types of data likely breached in the attack differed from person to person and might have contained name, birth date, Social Security number, name of treating nursing care facility, dates of admission and/or discharge, and resident ID number.
Dynamic Health Care has sent breach notification letters to all persons impacted by the incident. Dynamic Health Care reported that it had implemented strict security procedures to secure all data in its keeping, however, these procedures have already been toughened right after the breach. Employees got more training and education to help avoid other breaches later on.