Another former client of American Medical Collection Agency has come forward and announced that 13,000 patients will be receiving notifications that their personal information may have been compromised in a recent data breach at the agency.
Penobscot Community Health Center in Maine is the latest healthcare facility to announce its customers were part of the breach at American Medical Collection Agency, in which unauthorized individuals gained access to the agency’s web-based payments page for more than eight months. More than 20 million individuals have been impacted by the breach. The agency has subsequently filed for bankruptcy protection.
The healthcare facility contracted with American Medical Collection Agency for billing services, according to a published report. Penobscot Community Health was notified of the breach in mid-May. The information that was compromised included personal information and some credit card numbers, according to the report. Much like other clients that were involved in the breach, Penobscot has ceased doing business with the agency.
“The health and safety of our patients is our top priority, and that includes the safety of our patient data,” said Lori Dwyer, president and CEO of Penobscot Community Health Care. “Our own internal data security system is strong, and was not affected by AMCA’s incident. PCHC is absolutely committed to patient safety and privacy, and we are here to assist our patients through this.”
American Medical Collection Agency is facing a number of lawsuits and inquiries from state and federal lawmakers related to the breach.
While the 13,000 records that were compromised in this latest announcement is the far smaller than the number of records that were stolen from individuals of other clients, this latest revelation is yet another cautionary tale of the lingering impact that a breach can have on a company.