Bone & Joint Experiences Data Security Incident

The incident may have involved personal and protected information belonging to current and former employees and patients.

By HFT Staff


Bone & Joint Clinic experienced a data security incident that may have involved personal and protected health information belonging to current and former employees as well as current and former patients. Bone & Joint has notified potentially affected individuals of the incident and offered resources to assist them. 

On January 16, 2023, Bone & Joint experienced a network disruption and immediately initiated an investigation of the matter and engaged cybersecurity experts to assist with the process. The investigation determined that certain administrative and medical files may have been acquired without authorization. After a thorough review of those files, on or about January 27, 2023, personal information was identified as being contained within the potentially affected data. Once the personal information was identified, Bone & Joint worked diligently to gather contact information needed to notify all potentially affected individuals and engaged resources to provide notification and remediation services. 

Bone & Joint is not aware of any evidence of the misuse of any information potentially involved in this incident. However, on March 7, 2023, Bone & Joint provided notice of this incident to the potentially affected individuals. In doing so, Bone & Joint provided information about the incident and about steps individuals can take to protect their information. Bone & Joint takes the security and privacy of employee and patient information seriously and has taken steps to prevent a similar event from occurring in the future. 

Bone & Joint is offering all potentially affected individuals with complimentary identity protection services for 12 months through IDX, a leader in consumer identity protection. These services include dark web monitoring, a $1,000,000 identity theft insurance reimbursement policy, and fully managed identity theft recovery services. Those individuals whose Social Security numbers may have been affected have also been offered complimentary credit monitoring for 12 months. 

The following personal and protected health information may have been involved in the incident: names, dates of birth, Social Security numbers, home addresses, phone numbers, health insurance information, and diagnosis and treatment information. 



March 17, 2023


Topic Area: Safety , Security

Recent Posts

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

Design Plans Unveiled for New Intermountain St. Vincent Regional Hospital

The new hospital will be a 14-floor, 737,000 square-foot facility in Billings, Montana.

Ground Broken on New Pediatric Health Campus in Dallas

The new campus will replace the existing Children’s Medical Center Dallas.

Pre-Construction Strategies for Successful Facilities Projects

Savvy decisions can help facilities meet long-term goals by creating consistency and eliminating waste.

Geisinger Finds Success with Violence Prevention Efforts

Their safety measures included training staff in de-escalation, active-shooter response drills and equipping 6,000 employees with duress notification badges.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.