Texas healthcare provider waits seven months to notify patients of ransomware breach

by John R. Fischer, Senior Reporter | September 17, 2021

The Cybersecurity and Infrastructure Security Agency (CISA) recommends that organizations hit by ransomware attacks report such incidents to state and federal authorities immediately. It also advises against paying any ransom demands, as that does not guarantee the return of data and can make organizations the subject of repeated attacks for more payoffs by the same attackers, according to Health IT Security.

Gastroenterology Consultants has offered complimentary credit monitoring and identity theft restoration services to those whose social security numbers were affected. It did not tell KHOU 11 the reason for delaying notifying patients but said it has revised its protocols to prevent future issues.

"We, unfortunately, learned that the time and effort to manually review thousands of documents was not cost-effective. Therefore, although there is no evidence of any unauthorized use of patient or employee data, we have determined it best to issue mail notifications to all employees and patients detailing the specific type of information potentially exposed," it said on its site.

Back to HCB News



You Must Be Logged In To Post A Comment Sign In If you've already created an account, use your email address and password to sign in using the form below. Login Problems: Click here if you are having login issues. Email address: Password: Forgot your password? Login Problems? View our Legal Notice and Privacy Notice Register Registration is Free and Easy. Enjoy the benefits of The World's Leading New & Used Medical Equipment Marketplace. Register Now!