3,000 Affected by Rhode Island Ear, Nose and Throat Physicians Data Breach

A cybersecurity incident at Rhode Island Ear, Nose and Throat Physicians Inc. (RIENT) has resulted in the protected health information (PHI) of 3,000 patients being exposed. 

On June 19, 2019, a hacker gained access to RIENT’s network. The breach was detected immediately, and the organisation’s IT staff took steps to revoke unauthorised access to the network. 

RIENT contracted a third-party computer forensics firm was hired to assist with the investigation and help determine the scope of the breach and mitigate against its harmful consequences.

Investigators concluded that the compromised servers only contained the medical records of patients who received medical services between May 1, 2019, and June 12, 2019.  

The forensic investigation did not uncover any evidence to suggest patient information was viewed or copied, and no reports have been received to suggest patient information has been misused.

For the majority of affected patients, the breach was limited to names, dates of birth, and clinical information. A small subset of patients also had their Social Security number exposed.

RIENT have offered patients whose Social Security number was compromised free credit monitoring and identity theft protection services. RIENT is implementing additional technical safeguards to improve its security posture and prevent similar attacks in the future.

Following HIPAA’s Breach Notification Rule, the Department for Health and Human Services’ Office for Civil Rights has been notified of the breach. The breach portal report indicates that the breach impacted 2,943 patients. 

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at https://twitter.com/ElizabethHzone