The Florida Department of Health’s Office of Medical Marijuana Use is launching an investigation regarding how medical marijuana patient information was compromised. The breach involves patients of AltMed, which operates as MüV. The company was notified of the breach on December 1.
While it isn’t known how the breach occurred or what information was compromised, the company has taken steps to address the situation, Florida Politics reports. MüV was made aware of the issue by a customer. The customer remarked that “customer information could be accessed through a search utility on the website”.
The search engine function on the website was taken down within ten minutes of the IT staff being made aware of the issue.
The IT department said, “Taking it one step further, we ‘unpublished’ any sections of the site that contained customer data.”
Todd Beckwith of MüV said, “Thus far it appears that there was … limited information accessed. Please know that we take security and patient confidentiality seriously – not just because the law, but because it’s the right thing to do.”
The state can impose a fine of up to $10,000 on the company due to the breach of patient information.
MüV does not know how many patients were affected but all that were will be notified.
Nick Van Der Linden, spokesperson for the Department of Health, said, “The Department is aware of the breach of confidential patient information. Ensuring patient confidentiality is of utmost importance to the Department and we are committed to thoroughly investigating this event and taking appropriate action.”
MüV does plan to make a statement once the exact cause of the breach is known.
Beckwith said, “We’re not ready to make a statement until we’re 100 percent sure what happened. But I can say that I am very proud of the way our team responded.”