Classified information from a number of Guthrie patients has been accessed by an unauthorized source after a cyber security breach of a third party company.
According to a press release published by Guthrie on Wednesday, Blackbaud, an international business “specializing in philanthropy services for not-for-profits” that partners with Guthrie experienced an international cyber security breach this spring.
Guthrie officials informed the community that Blackbaud contacted them on July 16 to report that an unauthorized individual or individuals gained access to their systems between Feb. 7 and May 20.
An investigation showed that a backup file was accessed by the unauthorized persons that included “information pertaining to some Guthrie patients, including patient name(s), contact information, age, gender, date(s) of treatment, department(s) of service, treating physician(s) and health insurance status,” according to Guthrie.
Guthrie officials stated that Blackbaud has reported financial and credit card account information of Guthrie patients was encrypted, therefore not accessed by the unauthorized individual.
The Guthrie press release also noted that patient’s Social Security numbers were not in the data shared with Blackbaud and that the cyber breach did not involve any access to diagnosis or treatment plans in any Guthrie medical systems or electronic health records.
Guthrie President and CEO, Dr. Joseph Scopelliti stated that any Guthrie patients whose information may have been accessed by unauthorized parties will be notified by a letter by Sept. 14, as is required by federal and state law.
“Guthrie is committed to protecting the security and privacy of its patients, and all the individuals who support our organization. We take this situation very seriously and to help prevent something like this from happening again, Guthrie is examining its vendor relationship with Blackbaud and evaluating other alternatives,” Scopelliti commented.
Scopelliti also pointed out that the cyber breach was “not unique” to Guthrie and occurred at thousands of other organizations in partnership with Blackbaud.