411,000 Patients’ PHI Exposed Due to Specialty Networks Data Breach

by

Specialty Networks, Inc. based in Chattanooga, TN recently reported a data breach impacting the protected health information (PHI) of 411,037 present and former patients. Specialty Networks provides healthcare facilities with radiology information systems and business management solutions. The company specializes in Picture Archiving and Communication Systems (PACS), a medical imaging technology that facilitates medical image storage, retrieval, and management. The company also offers healthcare facilities digital transcription and enterprise management services.

On August 15, 2024, Specialty Networks announced the data breach, though the breach or unauthorized access to its systems was first discovered on December 18, 2023. According to the results of the forensic investigation, hackers had access to the IT system between December 11 and December 18, 2023. During this period, files with sensitive patient data were stolen.

The delay in reporting the breach was attributed to the time needed to assess the compromised files. By May 31, 2024, Specialty Networks confirmed the compromise of patient PHI. The healthcare provider sent notifications to its covered entity clients, and by June 24, 2024, coordinated efforts with impacted providers to verify contact details and begin mailing breach notification letters to individuals.

The stolen data varied per person but could include one or more of these elements: names, birth dates, Social Security numbers, driver’s license numbers, medical records, treatment details, diagnoses, medications, and medical insurance details. Impacted individuals received notification letters on August 15, 2024, and offers to get free credit monitoring and identity theft protection services through IDX. The notification letters provided information with regards to the incident and measures that potentially impacted individuals can implement to safeguard their information.

Specialty Networks is committed to safeguarding the privacy of personal data and has implemented enhanced security measures to prevent future incidents. A toll-free hotline has been set up to assist affected individuals with any questions. Concerned individuals can call 1-888-678-3575 for support from Monday to Friday, 8:00 am to 8:00 pm.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at https://twitter.com/ElizabethHzone