Western Washington Medical Group, or WWMG, is calling it a potential “breach” but from the official press release announcing it, we learn that it was sloppy work by a janitorial service–and not a financially motivated hacker or foreign spyware–that is to blame. Worse, the incorrect disposal of patient records took place back in November but the public is only hearing about it now, more than 2 months later. (The patients were only notified in mid-January.)
What Western Washington Medical Group Says Happened
WWMG claims that on November 13, 2017, its cleaning service “mistakenly comingled” normal office trash with documents that should have been disposed of in a more secure way. Some of those documents contained sensitive information including:
- Patient names
- Medical histories
- Appointment dates
- Insurance billing info
The mistake was caught the next morning but, as we mentioned, patients were only notified 2 months later.
Is Your Info At Risk?
WWMG says that no patient has yet reported any misuse of their data; the documents are believed to have been shredded and compacted with the normal office trash and sent to a landfill. The risk of any information falling into the wrong hands is characterized as “low”.
However, all affected patients are being offered one year of free identity protection services from ID Experts. If you are among those who received a letter about the “breach” you can contact ID Experts at 800-939-4170 for more details.
Photo by Andrew Pons on Unsplash