Penobscot Community Health Center discloses that AMCA data breach impacted its patients

• Unauthorized access into AMCA’s systems between August 1, 2018, and March 30, 2019, impacted almost 13000 PCHC patients whose information were stored in AMCA systems.
• The compromised information included patients’ names, dates of birth, name of referring medical provider, and other medical information related to services received at PCHC.

On July 12, 2019, Penobscot Community Health Center (PCHC) started notifying its patients about the data breach that was caused due to the American Medical Collection Agency (AMCA) incident.

What happened?

PCHC hired AMCA for billing collection services. Some of PCHC patient accounts were sent to AMCA for debt collection. Unauthorized access into AMCA systems which occurred between August 1, 2018, and March 30, 2019, impacted almost 13000 PCHC patients whose information were stored in AMCA systems.

“PCHC values the privacy and confidentiality of its patients’ information. Regrettably, this notice is regarding the American Medical Collection Agency (AMCA) incident, which you may have recently heard about in the news or about which you recently received notice by letter,” PCHC said in a security notice.

What information was compromised?

• The compromised information included patients’ names, dates of birth, name of referring medical provider, and other medical information related to services received at PCHC.
• Some patients also had their credit card information stored in AMCA systems.
• However, AMCA confirmed that no health records, diagnosis, or treatment information were impacted by this incident.

What was the immediate action taken?

• PCHC has ceased doing business with AMCA.
• It has taken the necessary steps to secure patient information contained in AMCA systems.
• It is also notifying the impacted patients about the incident and is requesting them to review their account statements.

“PCHC deeply regrets any concern or inconvenience this incident may cause our patients. PCHC has since ceased doing business with AMCA and is taking steps to retrieve and secure all PCHC information contained in AMCA’s systems,” PCHC said.