For the second time this year, a data security breach is roiling the home care industry. This time the target was Avamere Health Services, which operates more than 80 senior services businesses, including nearly a dozen home care and hospice agencies.
The Wilsonville, OR-based company recently announced on its website that an unauthorized party potentially removed a limited number of files and folders from a third-party hosted network that Avamere used. The company believes the security breach happened sometime between mid-January and mid-March of this year.
Avamere said the files and folders removed from the system contained identifiable protected health information, including full names, addresses, birth dates, Social Security numbers, driver’s license of state identification numbers, financial account numbers, mediation information, lab results and medical diagnosis/conditions.
“The security and privacy of personal information is of the utmost importance,” the company said on its website. “Since the incident, our Information Technology (“IT”) department and external security experts have reviewed and enhanced our systems to reduce the chance of a similar event occurring in the future.”
Avamere said it notified individuals whose information was included in the affected files and folders. The company provided those patients with complimentary credit monitoring services, as well as best practices on ways to protect their information.
Avamere’s notice comes just weeks after in-home diagnostic services provider TridentCare reported a data security breach that affected up to 6,200 patients. In that incident, thieves broke into one of its facilities, stealing computer hard drives and other equipment that may have contained personal information about patients.
Data theft has been on the rise in the U.S. Earlier this year, the Identity Theft Resource Center reported there were 1,862 data security breaches in 2021, a 68% increase over the 1,108 breaches in 2020.
