Records for more than 1,100 Genesis Health System patients are among those that may have been compromised when they were left openly available online for nearly two months.
Cogent Healthcare, a doctors’ group that operates as Cogent Healthcare of Iowa at Genesis Health System facilities in the Quad Cities area, experienced a security lapse they blame on the medical transcription company they used.
Records for some patients at Cogent facilities in Davenport and at the Genesis Illini Campus were affected.
The lapse allowed health information records for approximately 32,000 patients across the U.S. to become accessible between May 5 and June 24, 2013. Between 1,100 and 2,000 patients treated at Quad Cities-area facilities are among those affected.
Cogent Healthcare posted a statement online indicating records that were part of the security breach contained the physician names as well as patient name, date of birth, diagnosis, treatment summary, medical history, medical record number and other information.
The online statement from the company said some of the notes were indexed by Google and that Cogent was unable to identify exactly who accessed the unsecured information.
“Copies of patient medical records and Social Security number were not included in the accessed records,” the statement said.
The statement said Cogent took physical possession of the hardware used at the medical transcription company and terminated their relationship with that company. Cogent was also confirming with Google that evidence of patient health information was removed from its files.
Genesis Health System is making a privacy officer available to anyone contacted by Cogent who still has questions or concerns. A statement on the Genesis Health System website suggested patients call that privacy officer at (563) 421-7262 or Cogent directly at (877) 218-0052.
Cogent is encouraging affected patients to review account statements and monitor free credit reports.