Back in early May, a cybersecurity incident forced Palomar Health Medical Group (PHMG) to shut down its phone and computer systems. An investigation determined someone had access to certain files from April 23 to May 5. Patients told NBC 7 Responds they’ve had trouble making appointments, getting test results and refilling prescriptions.
The NBC 7 Responds team reached out to PHMG with a list of questions. Last week, the medical group told NBC 7 answers were on their way. But as of Monday, it hasn't sent any responses yet.
So, NBC 7 read through the latest patient notices and spoke with patients and employees to bring you the latest.
Previous coverage:
Get top local stories in San Diego delivered to you every morning. Sign up for NBC San Diego's News Headlines newsletter.
For the last 12 weeks, Michael Iverson from Temecula has made the half-hour drive to the PHMG branch in Escondido for his prescription refills.
“It’s much easier when there are electronic prescriptions," Iverson said.
But this last visit was different.
“I called a couple of days ago about the prescription, didn’t hear anything back, so I had to come down. I figured I had to get another paper prescription, and I was just informed that now they just started doing it electronically again,” he said.
On PHMG’s website, it says it has made significant strides in recovering its electronic systems. These include:
- Electronic medical records
- Access to the patient portal
- Inbound calling in most clinical areas
On July 3, PHMG sent NBC 7 an email confirming that someone gained unauthorized access to certain files within its network. According to the medical group's report to the U.S. Department of Health and Human Services, the breach affected about 500 people.
Patient data that may have been compromised includes name, address, date of birth, social security number, medical history, health insurance information and credit card information.
Iverson said he’s not too concerned about his medical history being in the wrong hands. He worries about his personal and credit card information getting out there.
PHMG hasn’t confirmed if this was a ransomware attack like some experts have suggested. The medical group said it's still restoring patient files and that those impacted by the breach will receive individualized notices with additional information.
