Episcopal Health Services—notice of data privacy event

Nov. 16, 2018

On Sept. 18, Episcopal Health Services became aware of suspicious activity in employee email accounts. They immediately began an investigation to determine what happened and what information may have been affected. With the assistance of third party forensic investigators, they determined that certain employee email accounts were subject to unauthorized access between Aug. 28 and Oct. 5. These email accounts were then reviewed to determine whether they contained any protected health or personal information. On Nov. 1,  Episcopal Health Services determined that the accounts subject to unauthorized access contained protected health information of certain individuals. Episcopal Health Services is not aware of any reported attempted or actual misuse of any personal information as a result of this event. The types of information contained within the potentially impacted emails are: Social Security number, date of birth, financial account information, medical history information, prescription information, medical record number, treatment or diagnosis information, and health insurance information or policy number. The types of information varied by individual.

On Nov. 15, Episcopal Health Services began mailing notice letters to individuals whose information was contained within the impacted accounts and for whom they had a postal address. Episcopal Health Services has offered potentially impacted individuals access to credit monitoring and identity theft protection services for one year without charge.

Episcopal Health Services encourages potentially impacted individuals to remain vigilant against incidents of identity theft and fraud, to review account statements, and to monitor their credit reports and explanation of benefits forms for suspicious activity. Episcopal Health Services is providing potentially impacted individuals with contact information for the three major credit reporting agencies, as well as providing advice on how to obtain free credit reports and how to place fraud alerts and security freezes on their credit files. Pursuant to federal law, you cannot be charged to place or lift a security freeze on your credit report.

PR Newswire has the full release

Sponsored Recommendations

Explore how healthcare leaders are shifting from reactive maintenance to proactive facility strategies. Learn how data-driven planning and strategic investment can boost operational...
Navigate healthcare's facility challenges. Get strategies to protect assets and ensure long-term stability.
Join Claroty, Cisco, and Children's Hospital Los Angeles (CHLA) on-demand as they uncover the reasons behind common pitfalls encountered by hospitals in network segmentation efforts...
Cyber-physical systems (CPS) in healthcare encompass OT assets and systems, along with a proliferation of connected devices. This includes clinical assets, medical devices, building...