"Nashville Hospital Hit by Data Breach"
A Howard County hospital is the latest Arkansas healthcare provider to announce a data security breach that could put patients and employees at risk. Howard Memorial Hospital, located in the city of Nashville, became aware of suspicious network activity on Dec. 4. An investigation discovered the potential for files to be stolen by an "unknown actor" between Nov. 14 and Dec. 4. The hospital employs 250 employees and sees about 10,000 emergency department visits annually. The healthcare system, which includes outpatient clinics, had a gross revenue of $76 million during the 2021 fiscal year. Hospital Administrative Director Sandy Webb said the breach originated outside the hospital. Details on how the data theft was discovered, the number of files affected, and the potential financial impact was not immediately available. Information potentially stolen could include the patient's name, contact information, date of birth, social security number, health insurance information, medical record number, medical history, diagnosis, treatment, and physician name. Employee's records stolen could include name, contact information, date of birth, social security number, and bank account information. The U.S. Department of Health and Human Services Office for Civil Rights is required by law to post a public list of breaches of unsecured protected health information affecting 500 or more individuals. In 2022, the department reported four previous hacking or information technology incidents for healthcare providers in Arkansas. The four breaches accounted for 490,868 individuals affected this year. The breaches happened at Mena Regional Health Care System, Independent Case Management, Magie Mabrey Hughes Eye Clinic, and ARcare. ARcare saw the largest breach, with 345,353 individuals affected. Nationally, there have been 22 million individuals affected by hackers hacking healthcare providers' networks during 2022.
Arkansas Democrat Gazette reports: "Nashville Hospital Hit by Data Breach"