Data Media Associates a Georgia-based value-added solutions provider serving the healthcare industry, has learned of a data security incident that may have involved personal and/or protected health information. DMA works with its client healthcare organizations to provide printing, mailing, and other healthcare billing fulfillment services. DMA has sent notification of this incident to potentially affected individuals and provided resources to assist them.
Recommended CIO Influence News:Â Liquidware Launches Liquidware Ready Program
In June 2023, DMA became aware of an alert issued by the Cybersecurity and Infrastructure Security Agency (“CISA”) addressing a critical vulnerability affecting MOVEit Transfer, a managed file transfer solution used widely by businesses and government agencies, including DMA, to securely transfer data. After becoming aware of the alert, DMA took immediate steps to patch its MOVEit system in accordance with the developer’s instructions. DMA thereafter undertook a comprehensive investigation with the assistance of leading external experts to learn more about the scope of any potentially affected data. Our investigation concluded on June 30, 2023, and revealed that certain data stored within MOVEit may have been acquired without authorization. Since that time, we have been working diligently to provide notice to our client healthcare organizations and gather information needed to provide notification to potentially affected individuals.
DMA provided notice of this incident to the potentially impacted individuals beginning on August 23, 2023. In so doing, DMA provided information about the incident and about steps that potentially affected individuals can take to protect their information. DMA takes the security and privacy of individuals’ information very seriously. It has taken all remediation measures recommended by the MOVEit software developers and will be evaluating additional safeguards that can be put in place to further enhance the security of the data entrusted to it.
Top AI ML Insights:Â Why Architecture Matters with Generative AI and Cloud Security
The following information may have been involved in the incident: Individuals’ names, addresses, and high-level medical or health insurance information such as would appear on billing statements, invoices, or other claims-related documents. In some instances, the involved data also included health insurance ID numbers, which DMA understands may be the same as individuals’ Social Security numbers.
DMA has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives are available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time and can be reached at 1-888-979-0013.
The privacy and protection of personal and protected health information is a top priority for DMA, which deeply regrets any inconvenience or concern this incident may cause.
Recommended CIO Influence News:Â Liquidware Launches Liquidware Ready Program
[To share your insights with us, please write to sghosh@martechseries.com]
