Center for Health Education, Medicine & Dentistry ("CHEMED") Data Breach (2020)

March 27, 2020·6 min read LAKEWOOD, N.J., March 27, 2020 /PRNewswire/ -- Center for Health Education, Medicine & Dentistry ("CHEMED") is providing notice of an incident that may affect the security of some of its patients' personal information. While CHEMED currently has no indication that patient information has been misused in relation to this incident, CHEMED is providing information on the incident, measures it has taken, and what individuals may do to better protect their personal information should they feel it appropriate to do so. On March 27, 2020, CHEMED began mailing written notice to patients it determined were impacted by this incident. CHEMED also posted notice of the incident on its website at https://www.chemedhealth.org/images/website-notice.pdf. CHEMED uses a third-party Radiology imaging system (Konica) to send and store its studies to Radiologists to read. On December 10, 2019, CHEMED was notified that many Radiology providers across the Country had possibly been vulnerable to a potential opening which could allow unauthorized access to patient information. Working with outside computer forensics specialists, CHEMED commenced an investigation to determine the full extent of the issue. On February 20, 2020, the investigation determined that the vulnerability existed between July 28, 2015 and December 10, 2019. Although there were attempted unauthorized connections to the server from the public internet during that time period, CHEMED was unable to determine whether those connections were successful and specific patient records were actually subject to unauthorized access. CHEMED is therefore providing impacted patients with notice of this incident in an abundance of caution. The following types of patient information were determined to be at risk for possible unauthorized access: patient name, procedure date, patient date of birth, patient ID, exam ID, physician's name, and medical organization name (CHEMED).