In a statement, ECHN vice president and spokeswoman Nina Kruse said Crozer-Keystone Health Systems became aware of a “malware incident” on June 14. While the malicious software was quickly isolated and affected systems were repaired and restored to full functionality, a continuing analysis determined that certain health information, including lab testing information for some patients, was impacted, according to Kruse.
The data does not include underlying clinical diagnoses, treatment, or other sensitive personal information, ECHN officials said, and there is no evidence to suggest the material was leaked or used by an outside entity.
“Based on the hospital’s ongoing investigation, we believe that no patient data was misused or made public and that no such data is at risk for future misuse or public disclosure,” Kruse said.
The company said it is notifying individuals whose information may have been affected and making additional resources available to them.
“We take seriously our obligations to protect patient confidentiality and continue to further improve our security safeguards to help prevent and detect similar attacks,” Kruse said.
Officials did not say how the malware came to be installed on the network’s computers.
According to its website, the Crozer-Keystone system has four hospitals in southeastern Pennsylvania — Crozer-Chester Medical Center in Upland, Delaware County Memorial Hospital in Drexel Hill, Springfield Hospital in Springfield, and Taylor Hospital in Ridley Park. It also has surgery centers and outpatient facilities in the same area.
Prospect Medical Holdings, the Los Angeles-based corporate parent of Manchester Memorial Hospital and Rockville General Hospital in Vernon, acquired Crozer-Keystone in July 2016.
©2020 Journal Inquirer, Distributed by Tribune Content Agency, LLC.