The Orange County, New York-based Middletown Medical has acknowledged a data breach in which a security setting on one of the group’s radiology interfaces enabled unauthorized users to access electronic patient information.
The misconfigured security settings specifically may have permitted users to see a patient listing and, in a limited number of cases, may have allowed unauthorized users to access limited patient data electronically, the organization said in a notification statement.