Roosevelt General Hospital Offers Public Notice of Recent Security Incident

Roosevelt General Hospital Offers Public Notice of Recent Security Incident

RGH has confirmed a data security incident involving more than 500 medical records.

PORTALES, NEW MEXICO, December 20, 2019–On November 14, 2019, Roosevelt General Hospital (RGH) discovered malware, which is the intrusion of unauthorized software, on a digital imaging server used in radiology that contained patient information.

Information that may have been affected included names, addresses, date of birth, driver’s licenses numbers, Social Security numbers, phone numbers, insurance information, medical information and gender. Although it is not been confirmed that the compromise of any data actually occurred, RGH is alerting potentially affected patients and offering assistance in monitoring their information.

As soon as the breach was identified, the IT department immediately secured and restored the server and patient information was recovered. An evaluation of server vulnerabilities has been performed and all other risks have been mitigated.

“With security events such as this one, time was taken to thoroughly investigate what occurred and identify individuals who have been affected. Since then, the server has been secured and patient information has been restored. Health and Human Services was notified within the 60-day reporting timeframe,” stated RGH Marketing and Public Relations Director Jeanette Orrantia. Patients who receive a notice are encouraged to monitor their credit reports.

Kaye Green, CEO, said, “Although we are continuing our investigation, there is no evidence at this time that any patient data has been wrongfully used. The malware identified on the radiology server was contained and terminated immediately upon detection. This breach did not affect our electronic health record system or billing system.”