This seems to be a never-ending battle, but Connect On Call is now coming out that they were pilfered between February and May of this year. The rough estimate is around 914k but the title says 910k.
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall, acquired in October 2023.
The article continues: “On May 12, 2024, ConnectOnCall learned of an issue impacting ConnectOnCall and immediately began an investigation and took steps to secure the product and ensure the overall security of its environment,” the company revealed.
Look at the date this is posted, the article date which is the 16 of December, and ask the question on why it took this long to have information put out to begin with.
“ConnectOnCall’s investigation revealed that between February 16, 2024, and May 12, 2024, an unknown third party had access to ConnectOnCall and certain data within the application, including certain information in provider-patient communications.”
The parent company did report this to HHS, and wrote:
While the statement doesn’t include the total number of people impacted, ConnectOnCall told the U.S. Department of Health and Human Services that the breach affected the protected health information of 914,138 patients.
Stop me if you’ve read this paragraph.
?The personal information exposed during the almost three-month-long breach includes information shared in communications between patients and their healthcare providers, such as names and phone numbers.
Stop me also if you’ve read this paragraph too!
This may have also included medical record numbers, dates of birth, as well as information related to health conditions, treatments, or prescriptions, and, in a small number of cases, the affected individuals’ Social Security Numbers.
If there is good news its this.
“The ConnectOnCall service is separate from Phreesia’s other services, including our patient intake platform. Based on our investigation to date, there is no evidence that our other services have been affected,” Phreesia said in a separate statement on its official website.
To read the entire article, read Bleeping Computer and their article titled ConnectOnCall breach exposes health data of over 910,000 patients.
Same shit different day? Sound off. (888) 405-7524 or (818) 527-4754.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.