St. Anthony patient information compromised, parent company says
Personal information of patients at St. Anthony Hospital in Gig Harbor may have been compromised during a ransomware attack against the medical center’s parent company this fall, CommonSpirit Health announced.
The company detected the ransomware attack on Oct. 2. It forced St. Anthony and other Virginia Mason Franciscan Health facilities to take its medical records system offline, causing numerous problems at member hospitals.
Service to the records system was restored on Oct. 18.
A privacy breach notice posted on CommonSpirit’s website on Thursday, Dec. 1, indicates that “an unauthorized third party may have gained access to … files that contained personal information.” The notice says that “CommonSpirit has no evidence that any personal information has been misused as a result of the incident.”
Breached information may include names, addresses, phone numbers, dates of birth, and an internal unique patient identification. The patient ID is not a medical record number or insurance ID, the statement notes.
The breach occurred between Sept. 16 and Oct. 3. CommonSpirit said it would be “prudent” for patients to review health care statements for accuracy and report any discrepancies.
The attack also effected St. Michael Medical Center in Silverdale, St. Joseph in Tacoma, St. Clare in Lakewood, St. Anne in Burien, St. Elizabeth in Enumclaw and St. Francis in Federal Way.
CommonSpirit set up a special call center to answer questions about the event. Patients can call 855-504-2738 between 7 a.m. and 4:30 p.m. Monday through Friday.
The CommonSpirit site also includes answers to frequently asked questions about the ransomware attack. Read those here.