Columbia Eye Clinic Ensnared in Data Security Incident

It does not have any indications that its electronic medical record system or practice management systems were affected by this incident.

By HFT Staff


Columbia Eye Clinic (Columbia Eye) is in the process of notifying potentially impacted individuals of a data security incident that may have impacted personal information. 

On January 13, 2025, Columbia Eye experienced an information technology network disruption that impacted the clinic’s accessibility to certain electronic systems. Cybersecurity specialists were engaged to investigate the source of the issue. The investigation determined that an unauthorized actor entered the network between January 9, 2025, and January 13, 2025, and may have accessed certain files during the incident. Columbia Eye is in the process of conducting a comprehensive e-discovery review of the affected files to determine what information is impacted by this incident. Columbia Eye will notify individuals whose personal information was potentially impacted directly once the review completes. Columbia Eye also notified law enforcement. 

The potentially-affected information may include names, contact information, date of birth, procedure codes and other information needed to obtain pre-approval for eye-related procedures.  Columbia Eye does not have any indications that its electronic medical record system or practice management systems were affected by this incident.  Though Columbia Eye has no evidence that the data has been used to commit fraud, persons potentially affected are encouraged to remain vigilant, carefully monitor financial account statements, healthcare statements, and credit reports, and report any discrepancies to law enforcement. 

Upon discovering this incident, Columbia Eye promptly reset all user passwords, created a new IT environment using backup systems, issued new devices and software, added additional monitoring software, implemented enhanced security policies and procedures aimed at protecting access to data, and took additional steps to harden the overall environment. Columbia Eye will continue to review and enhance its policies and procedures to reduce the likelihood of a similar incident occurring in the future. 



March 27, 2025


Topic Area: Information Technology , Security


Recent Posts

Healthcare Security: To Arm Or Not To Arm?

Deciding whether or not to hire armed security personnel requires that managers understand a range of critical considerations.


False Alarm at Kansas Hospital Highlights Importance of Alarm System Reliability

After a two-hour search of the hospital and nearby medical facilities, no threat was found.


Integrated Oncology Network Caught Up in Data Breach

The network first learned of the incident on April 11, 2025.


ISSA Introduces Healthcare Platform to Advance Safer, Cleaner Patient Environments

This new resource integrates training, research and cross-sector collaboration to raise care standards and improve patient outcomes.


Third-Party Tracking Settlement is a Compliance Wake-Up Call for Healthcare Facilities Managers

Mount Sinai Health System agrees to a $5.3 million settlement to resolve claims it improperly shared patient data with Facebook through tracking tools.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.