Bone & Joint Experiences Data Security Incident

The incident may have involved personal and protected information belonging to current and former employees and patients.

By HFT Staff
March 17, 2023

Bone & Joint Clinic experienced a data security incident that may have involved personal and protected health information belonging to current and former employees as well as current and former patients. Bone & Joint has notified potentially affected individuals of the incident and offered resources to assist them. 

On January 16, 2023, Bone & Joint experienced a network disruption and immediately initiated an investigation of the matter and engaged cybersecurity experts to assist with the process. The investigation determined that certain administrative and medical files may have been acquired without authorization. After a thorough review of those files, on or about January 27, 2023, personal information was identified as being contained within the potentially affected data. Once the personal information was identified, Bone & Joint worked diligently to gather contact information needed to notify all potentially affected individuals and engaged resources to provide notification and remediation services. 

Bone & Joint is not aware of any evidence of the misuse of any information potentially involved in this incident. However, on March 7, 2023, Bone & Joint provided notice of this incident to the potentially affected individuals. In doing so, Bone & Joint provided information about the incident and about steps individuals can take to protect their information. Bone & Joint takes the security and privacy of employee and patient information seriously and has taken steps to prevent a similar event from occurring in the future. 

Bone & Joint is offering all potentially affected individuals with complimentary identity protection services for 12 months through IDX, a leader in consumer identity protection. These services include dark web monitoring, a $1,000,000 identity theft insurance reimbursement policy, and fully managed identity theft recovery services. Those individuals whose Social Security numbers may have been affected have also been offered complimentary credit monitoring for 12 months. 

The following personal and protected health information may have been involved in the incident: names, dates of birth, Social Security numbers, home addresses, phone numbers, health insurance information, and diagnosis and treatment information. 

See the latest posts on our homepage Share

Topic Area: Safety , Security

Recent Posts
Recent Posts

A Potential Alternative to the Certified Healthcare Facility Manager Program

Kentucky Community & Technical College offers a similar educational foundation on healthcare facilities.


Florida Officials Question HCA Healthcare After Report Goes Viral

Sen. Marco Rubio and Rep. Gus Bilirakis have requested more information from HCA Healthcare.


Atlantic General Hospital Experiences Privacy Incident

AGH discovered encrypted files in its systems in late January.


Medical Office Building is Nation's First Net-Zero Healthcare Facility

Achieving net-zero building status required a two-part design combining energy efficiency and on-site renewable energy.


Health Systems Turn to Artificial Intelligence to Ease Workforce Shortages

Almost half of executives in this survey report using AI solutions for their workforce.



News & Updates • Webcast Alerts • Building Technologies

All fields are required.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You Might Like