SAC Health System Reveals a Security Incident

10
SAC Health System Reveals a Security Incident-01

Social Action Community Health System (“SAC Health”) is providing notice of a recent event that may affect the privacy of certain patient information.  This notification provides information about the event, SAC Health’s response to it, and resources available to individuals to help protect their information, should they feel it necessary to do so.

What Happened?  On March 4, 2022, SAC Health became aware of a break-in to an off-site storage facility where certain limited patient records were housed.  Six boxes of paper documents were removed from the facility without authorization.  We immediately began working with local authorities to determine the nature and scope of this event and launched a thorough investigation into this matter. SAC Health was able to confirm that certain limited patient documents were impacted by this theft.

On April 22, 2022, SAC Health determined that the impacted files related to certain patients served by SAC Health in 1997 and between 2006 and 2020. On May 3, 2022, SAC Health began notifying the potentially impacted population.

What Information Was Involved?  SAC Health’s analysis revealed that the types of information held by SAC Health and potentially in the stolen storage containers may include name, address, date of birth, and diagnosis codes.

How Will Individuals Know If They Are Affected By This Incident? Based on the nature of access to the information, SAC Health concluded that the extent of the access is limited to impacted files related to certain patients served by SAC in 1997 and between 2006 and 2020.  Out of an abundance of caution, SAC Health is sending notice to all individuals included in that population.

Also Read: Three Strategies to Avoid the Compliance Officer Burnout

What Is SAC Health Doing? Upon learning of this incident, SAC Health moved quickly to investigate and respond. SAC Health is assessing all policies and procedures related to the storage of paper data. Although SAC Health is unaware of any actual or attempted misuse of information as a result of this incident, SAC Health is offering affected individuals access to complimentary credit monitoring through Equifax. In addition, SAC Health is providing notice to appropriate regulatory authorities

Has the information been misused? At this time, there is no evidence that there has been any use, or attempted use of the information potentially exposed in this incident.

What You Can Do. SAC Health encourages individuals to remain vigilant against incidents of identity theft and fraud, to review account statements and explanation of benefits forms, and to monitor free credit reports for suspicious activity and to detect errors. Under U.S. law individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus.

Individuals can further educate themselves regarding identity theft, fraud alerts, security freezes, and steps to protect their information by contacting the Federal Trade Commission or the California Attorney General. Instances of known or suspected identity theft should be reported to law enforcement and the state attorney general.

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.