Medical centers have new recommendations to protect patient privacy

Related Story

COLUMBIA - Moberly Regional Medical Center was affected by a nationwide data breach August 19. Now, the FDA released new recommendations to medical device manufacturers for managing cyber security risks to better protect patient privacy.

The Community Health Services (CHS), the company which owns Moberly Regional Hospital and its clinics, breach involved personal identification data from patients seen at some of the clinics over the past five years. The clinics affected were Moberly Medical Clinics, Inc., Moberly Physicians Corporation and Moberly Rural Health Clinics. The hospital was not affected. 

The director of marketing and public relations for the Moberly medical center Jamie Morgans said the breach occurred at a corporate level. 

"We haven't changed anything on a local level but corporate has been making big changes and beefing up security since the breach," said Morgans. 

CHS has started working with Mandiant. Mandiant specializes in cyber-security and is investigating the security breach that happened in August. 

Mandiant believes the intruder in the breach was likely looking for intellectual property such as medical device and equipment information. The data transferred in this case included patient identification information related to its affiliated clinics and physician practices. 

MU Health Care public relations officer Jeff Hoelscher said nothing matters more than the patients security. 

"Our patients' privacy and safety is always what's most important to us," said Hoelscher.

Chairman of MU department of ENT Bob Zitsch said he is always concerned about his patients' safety.

"We're very aware of patient privacy issues and the University of Missouri Health Care is constantly educating providers, staff and so forth on privacy concerns," said Zitsch.

The FDA is planning a public workshop this fall to discuss how government, medical device developers, hospitals, cyber security professionals, and other stakeholders can collaborate to improve the cybersecurity of medical devices and protect public health.