Community healthcare provider First Choice has notified its customers of a data security incident that may have exposed the personal and protected health information of individuals treated at the firm.
First Choice first learned of the security incident on March 27 following a discrepancy in its technological environment. The firm then engaged an independent cybersecurity team to investigate the scope of the attack.
During the subsequent investigation, it was determined that certain protected health information may have been accessed without authorization. By June 3, a comprehensive review of potentially impacted data was concluded.
The affected personal and protected health information, as confirmed by First Choice, may have included names, Social Security numbers, First Choice patient ID numbers, diagnosis and clinical treatment information, medications, dates of service, health insurance information, medical record number, patient account number, date of birth, and provider information.
