Cloud EHR vendor nTreatment reportedly left medical records unprotected

Healthcare IT News

Kat Jercich

A TechCrunch report this week found that the record-management vendor nTreatment left a cloud-storage server containing thousands of sensitive health records unprotected by password.

The server, said to include doctors' notes, insurance claims, lab test results and other sensitive health information, was hosted on Microsoft Azure. Some of the records belonged to children, and none of the data was encrypted, according to TechCrunch.

In response to an email from TechCrunch, nTreatment cofounder Gregory Katz said the server was used as "general purpose storage" and that the company would notify the affected providers and regulators about the exposure. The information was later secured.


Some experts speculated that the exposed data could already be spreading among bad actors who would use it for fraud or other crimes.

"Although the cloud server was secured, it’s very likely...

Get the Morning Update

Thanks for subscribing!