Dem senators press third party over medical data breach

Democratic Sens. Cory Booker (N.J.) and Bob Menendez (N.J.) are demanding answers from the third-party billing collection group at the center of a data breach that exposed information on almost 20 million patients.

The data breach involved an unauthorized user gaining access to the system of the American Medical Collection Agency (AMCA), the billing collection company used by Quest Diagnostics and LabCorp.

Quest announced earlier this week that the breach led to the exposure of 11.9 million patients’ data, and LabCorp said 7.7 million of its patients had their information compromised. The exposed information included Social Security numbers and financial and medical data.

In a Friday letter to AMCA President Russell Fuchs, the two senators criticized the company’s approach to data security and asked for details about how the breach occurred and what steps the AMCA will take to prevent additional breaches.

“We must ensure that entities with access to patients’ personal, medical, and financial information understand their heightened duty to protect both the patient and their sensitive information, and that your company is taking both immediate and long-term steps to mitigate any harm,” the senators wrote.

The letter came a day after a third company, Opko Health, revealed that the AMCA data breach exposed the personal information of more than 400,000 of its patients.

In a filing to the Securities and Exchange Commission, Opko Health said the breach exposed patient names, dates of birth, phone numbers and account balance information.

AMCA told Opko that it is sending notices to 6,600 Opko patients whose credit card or bank account information was stored in its system.