This HIPAA breach notice applies only to patients with Regional Eye prior to Dec 5, 2021. We will update this news post as we receive more information from our vendor.
Regional Eye patients prior to Dec 5, 2021:
We regret to inform you that our practice learned that our third-party vendor used for electronic medical records had a breach which may involve your personal health information. We became aware of this breach on March 1, 2022. We are notifying affected individuals in as timely a manner as possible so that you can take swift personal action along with our organization’s efforts to reduce or eliminate potential harm.
Our vendor informed us that the incident involved an individual who gained access to our vendor’s system on December 4, 2021. This individual deleted several databases between the hours of 7:18 pm and 10:13 p.m. before being discovered and locked out of the system. At this time, we do not have any evidence which leads us to believe that any personal health information was exfiltrated, but the investigation is ongoing.
Since we cannot guarantee that your data has not been exfiltrated, we would advise you to immediately take the following steps:
- Call the toll-free numbers of any of the three major credit bureaus (below) to place a fraud alert on your credit report. This can help prevent an identity thief from opening additional accounts in your name. As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified to place alerts on your credit report, and all three bureaus will provide you a copy of your credit report free of charge.
- Equifax: (800)525-6285; www.freeze.equifax.com.
General: (800) 685-1111, www.equifax.com, P.O. Box 740256, Atlanta, GA 30374. - Experian: (888) 397-3742; https://www.experian.com/freeze
General: (888)EXPERIAN (397-3742); www.experian.com; P.O. Box 9554, Allen, TX, 75013. - TransUnion: (800) 680-7289 (888-909-8872 for freeze);
http://www.transunion.com/personal-credit/credit-disputes/fraud-alerts.page;
TransUnion Fraud Victim Assistance Department, P.O. Box 160, Woodlyn, PA 19094.
General: (833) 395-6938; www.transunion.com; P.O. Box 160, Woodlyn, PA 19094.
- Equifax: (800)525-6285; www.freeze.equifax.com.
- Order your credit reports. By establishing a fraud alert, you will receive a follow-up letter that will explain how you can receive a free copy of your credit report. When you receive your credit report, examine it closely and look for signs of fraud, such as credit accounts that are not yours.
- Continue to monitor your credit reports. Even though a fraud alert has been placed on your account, you should continue to monitor your credit reports to ensure an imposter has not opened an account with your personal information.
As previously stated, our third-party vendor is currently conducting an investigation into this breach. We are working closely with them during the forensic investigation.
We are committed to lessen the harm this may cause you by taking the necessary steps to ensure the integrity of your protected health information. To protect against such breaches in the future, our vendor has implemented technical, administrative, and physical safeguards to protect against future attacks. This includes reviewing and updating access controls, permissions, and data storage security procedures.
We apologize for the stress and worry this situation has caused you. We are committed to keeping your information safe and assure you we are doing everything possible to regain your trust in our practice. Please do not hesitate to contact us with any questions about this incident, or if you need additional information on what you should do as a result of the breach call 1-681-668-0032.
Sincerely,
Regional Eye Associates, Inc
