Data Breaches at Manquen Vance, DNF Medical Centers and Peak Vista Community Health

The Manquen Vance group health plan broker and consultancy firm based in Michigan, previously known as Cornerstone Municipal Advisory Group – is informing 7,018 people regarding a potential compromise of their personal and health information (PHI).

The investigation began on November 16, 2020 after the company noticed suspicious activity in a worker’s email account. Manquen Vance affirmed that unauthorized individuals accessed the account from November 1 to 16. Only one email account had been compromised.

Although it is likely that emails and file attachments with sensitive information were viewed or copied, there is no sure evidence found to point out that was what happened. The late issuance of breach notifications was because of the long process of examining each email in the account for sensitive data. That procedure was concluded on February 2, 2021 and ascertained that members’ names, Social Security numbers, and medical insurance information had potentially been breached. Since the security incident, Manquen Vance has taken steps to boost email security to avoid identical breaches from happening again.

DNF Medical Centers Terminates Employee for Rerouting Blood Samples to Unauthorized Laboratory

DNF Medical Centers located in Florida is sending notification to 846 persons regarding a breach of their PHI. The healthcare provider discovered on February 18, 2021 that an employee was diverting the blood samples of patients to an unauthorized laboratory for screening, and not to LabCorp or Quest.

Patient data sheets were dispatched with the blood samples which comprised patient names, birth dates, addresses, phone numbers, healthcare provider name, and the last 4 digits of Social Security numbers. DNF Medical Centers stated that the lab performed medical tests as required and returned the results; nevertheless, because this was an unauthorized lab, DNF Medical Centers is worried about the integrity of the test results. Therefore, affected patients were informed and asked to do their blood tests again at zero cost.

An investigation of the incident was started and the employee was interviewed and eventually fired. DNF Medical Centers believes no personal information was improperly used or further disclosed and that the blood samples were provided to the laboratory for the needed medical assessments to be done to permit the laboratory to bill patients’ health insurance companies for the lab tests.

PHI Breach in Peak Vista Community Health Robbery

On March 7, 2021, robbers broke into a facility of Peak Vista Community Health located in Colorado Springs and stole computer devices. On March 31, 2021, Peak Vista confirmed that two thieved computers held patient records with names, dates of birth, telephone numbers, health record numbers, prescription medication lists, and diagnosis data.

Peak Vista has filed a report submitted about
the theft to law enforcement, however, the equipment has not been recovered. Though it is possible that the thieves accessed the data on the computers, there is no proof of attempted or actual misuse of patient data discovered. Peak Vista Community Health mentioned only a few of its patients were impacted and every one of them has already been advised via mail.