Some information submitted in online forms on Blue Mountain Hospital District’s website may have been compromised, but no patient information could have been accessed.
FastHealth, a vendor that provides website hosting and design for the hospital, sent notices to local people who may have been affected April 23. One letter signed by CEO Kevin Foote said the person’s name and Social Security number was on a database that was accessed by an unauthorized third party in August 2017. Foote did not respond to a message from the Eagle.
Blue Mountain Hospital District CEO Derek Daly said FastHealth recently informed the district that the data that was potentially accessed were online job applications.
“No patient information is managed by FastHealth,” Daly said. “No data was compromised from BMHD.”
Daly said FastHealth cannot confirm the number of applications that were compromised, so the company is sending notices to anyone who may have potentially been affected.
The district is still contracting with FastHealth, he said.
“FastHealth has taken an aggressive stance by implementing new encryption solutions, data protection and security protocols,” Daly said. “Following FastHealth’s notification ... we made sure that our employees were aware of FastHealth’s data breach and provided education surrounding data breaches.”
Foote said in the letter the company has no indication any of the personal information has been misused. The company offered to provide one year of free credit monitoring, fraud consultation and identity theft restoration.
“We sincerely apologize for any inconvenience or concern this incident may cause you,” Foote said in the letter.
Daly encouraged anyone who received a letter from FastHealth to follow all of the instructions or contact to the company at 1-833-215-3730.