University of Florida Medical Clinic Acknowledges Security Breach

An employee working at a University of Florida (UF) medical clinic who had ties to an identity theft ring may have compromised patient personal and health information, according to UF officials.

The Office of the State Attorney, the Internal Revenue Service and the U.S. Secret Service allege a UF employee acquired patient insurance information, including names, addresses, dates of birth and Social Security numbers, and may have sold some of the information to a third party.

The university learned of the alleged incident on Oct. 25, when an identity theft ring that targeted several hospitals and health clinics in the state of Florida was uncovered. Law enforcement prohibited UF from notifying patients until the criminal investigation was completed.

UF is notifying 14,339 patients of the UF&Shands Family Medicine at Main practice that they should take appropriate measures to protect themselves from identity theft. So far, UF has been unable to locate current addresses for 450 patients. The university is asking anyone who was a patient between March 2009 and October 2012 and does not receive a letter to telephone the UF call center listed below to find out if he or she may be affected.

“We share our patients’ frustration regarding this situation and regret that it happened,” Susan Blair, chief privacy officer for the University of Florida, said in a statement. “We are committed to serving our patients and helping them get through any problems that arise stemming from this incident.”