RGH reports potential security breach

PORTALES — Roosevelt General Hospital patients should keep an eye on their credit scores following a potential breach into the hospital's secure systems containing personal information.

RGH issued a public notice Monday regarding the potential theft of patients’ personal information that was discovered on Nov. 14.

RGH found that a digital imaging server used in radiology that contained patients’ detailed information had contracted malware. There is no confirmation that any data has been stolen, but RGH will be offering patient information monitoring services to anyone who may be affected.

Patients who receive a notice should monitor their credit reports, RGH said in its news release.

RGH claims that as soon as the breach was identified, its internet technology department secured and restored the server and began an evaluation of server vulnerabilities to ensure any other risks would be mitigated.

“Although we are continuing our investigation, there is no evidence at this time that any patient data has been wrongfully used,” RGH Chief Executive Officer Kaye Green stated in the release. “The malware identified on the radiology server was contained and terminated immediately upon detection. This breach did not affect our electronic health record system or billing system.”

Information that may have been leaked includes names, addresses, dates of birth, driver's license numbers, Social Security numbers, phone numbers, insurance information, medical information and genders of patients.

“With security events such as this one, time was taken to thoroughly investigate what occurred and identify individuals who have been affected. Since then, the server has been secured and patient information has been restored. Health and Human Services was notified within the 60-day reporting timeframe,” RGH Marketing and Public Relations Director Jeanette Orrantia stated in the release.