Events Calendar

Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
1
2
3
4
5
6
7
8
9
11
12
13
14
15
16
17
18
19
20
22
23
25
26
27
28
29
30
31
1
2
3
Electronic Medical Records Boot Camp
2025-06-30 - 2025-07-01    
10:30 am - 5:30 pm
The Electronic Medical Records Boot Camp is a two-day intensive boot camp of seminars and hands-on analytical sessions to provide an overview of electronic health [...]
AI in Healthcare Forum
2025-07-10 - 2025-07-11    
10:00 am - 5:00 pm
Jeff Thomas, Senior Vice President and Chief Technology Officer, shares how the migration not only saved the organization millions of dollars but also led to [...]
28th World Congress on  Nursing, Pharmacology and Healthcare
2025-07-21 - 2025-07-22    
10:00 am - 5:00 pm
To Collaborate Scientific Professionals around the World Conference Date:  July 21-22, 2025
5th World Congress on  Cardiovascular Medicine Pharmacology
2025-07-24 - 2025-07-25    
10:00 am - 5:00 pm
About Conference The 5th World Congress on Cardiovascular Medicine Pharmacology, scheduled for July 24-25, 2025 in Paris, France, invites experts, researchers, and clinicians to explore [...]
Events on 2025-06-30
Events on 2025-07-10
AI in Healthcare Forum
10 Jul 25
New York
Events on 2025-07-21
Events on 2025-07-24

Events

Latest News Press Releases

Intermountain Healthcare patient data breached in ‘security incident’

intermountain healthcare

Intermountain Healthcare patient data breached in ‘security incident’

The Utah-based health system was the latest to feel the effects of the cyberattack on cancer software vendor Elekta.

Intermountain Healthcare announced on Friday that a data security event affecting a business associate had made protected health information accessible to unauthorized individuals.

The incident affected four specialty clinics in southern Nevada, said officials from the Salt Lake City-based health system. Neither its facilities in Utah and Idaho nor its system wide records were affected.

“Intermountain Healthcare deeply regrets that this matter occurred and sincerely apologizes for any inconvenience or concern it may have caused,” said the health system in a press release.

WHY IT MATTERS

The breach occurred via an incident with Intermountain’s business associate, the cancer software vendor Elekta.

In mid-May, said Intermountain, Elekta informed the health system that a server with some data relating to its patients was affected in a security incident. This incident meant that some protected health information stored on the impacted systems had been made accessible to unauthorized people between April 6 and April 20.

“Upon receiving this notification, Intermountain Healthcare immediately worked with Elekta and others to confirm the nature and scope of the data at issue, including whether and how it related to patients of Intermountain Healthcare,” read a statement from Intermountain.

Although Intermountain could not confirm whether bad actors actually viewed or accessed any specific information, Elekta found that the data present on its affected systems included patient names and scanned image files.

Those files could have included medical images and information on medical intake forms, as well as patient Social Security numbers, dates of birth, demographic information, insurance cards and other identification cards.

Financial and payment information was not involved, and Intermountain says there is currently no evidence of misuse.

Intermountain did not report how many of its patients had been affected. However, the same incident affected 200,000 Northwestern patients, as well as individuals at dozens of other health systems.

“Intermountain Healthcare takes this incident and the security of the information in their care very seriously. Elekta migrated Intermountain Healthcare’s data to a new-generation cloud system as part of Elekta’s commitment to safeguarding customer data,” read the company statement.

THE LARGER TREND

Elekta has not yet revealed specifics about the nature or scope of the attack, but the incident – which also took cancer treatments at some hospitals offline earlier this year – exemplifies the ways that health system networks can be left vulnerable via business associates.

In fact, a report published in February 2021 found that almost three-quarters of the number of breaches reported to HHS in the last six months of 2020 were tied to third-party business associates.

ON THE RECORD

“As part of Intermountain’s ongoing commitment to protect the information in our care, Intermountain is working to review our existing policies and procedures as they pertain to third-party vendors and working with Elekta to evaluate additional measures and safeguards to better protect against this type of incident in the future,” said an Intermountain official.