SYS-CON MEDIA Authors: Carmen Gonzalez, Sean Houghton, Glenn Rossman, Ignacio M. Llorente, Xenia von Wedel

News Feed Item

California healthcare provider acts to notify individuals of potential personal information access related to former employee

LOS ANGELES, Aug. 29, 2014 /PRNewswire-USNewswire/ -- As part of its ongoing commitment to privacy and data security, AltaMed Health Services is notifying affected individuals of a recent incident that may affect the security of their personal and protected health information. 

The organization learned from local law enforcement of an ongoing criminal investigation of a former AltaMed temporary employee, and other individuals unaffiliated with the organization, on suspicion of identity theft on June 30, 2014.  No arrests have been made and law enforcement's investigation is ongoing; however, law enforcement disclosed it recovered a hard drive and other evidence during its investigation, that this hard drive and evidence may include the organization's records, and that it believes this information may have been misused by participants in the identity theft ring currently under investigation.

Upon learning of this, the organization launched an internal investigation into the matter to determine what AltaMed records this individual may have accessed during her employment.  The organization retained information privacy and data security legal counsel to assist with its investigation. This investigation is ongoing.

The organization's investigation has thus far revealed this employee may have accessed electronic and paper records relating to individuals that attended one of its community events in Orange and Los Angeles Counties.  The employee was hired on a temporary basis to assist the organization in its response to the recent influx of health care enrollments.  During this investigation, the organization confirmed this individual did not have access to patient medical or billing records, and only had access to records and documents that were primarily used for marketing purposes.  These records contain a combination of one or more of the following: name, email address, telephone number, Social Security number, provider information, insurance information, date of birth, and address.

The organization takes the security of personal and protected health information very seriously and is undertaking efforts to mitigate the risk of this happening again.  On August 29, 2014, the organization will issue notice of this incident to those 2,995 individuals with marketing records accessed by this employee during her employment and for whom it has sufficient address information.  Additionally, the organization is issuing this press release and conspicuously posting notice of this incident on its website.  The organization is providing notice to the California Department of Health, the California Attorney General's office, and the U.S. Department of Health and Human Services, as well.   Should the organization's ongoing investigation reveal additional individuals potentially affected by this incident, it will issue notice to these individuals as well.   

The organization encourages individuals to remain vigilant, to review account statements, and to monitor credit reports and explanation of benefits forms for suspicious activity.  Under U.S. law individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus.  This free credit report can be obtained by visiting www.annualcreditreport.com or calling, toll-free, 1-877-322-8228.  Individuals may also contact the three major credit bureaus directly to request a free copy of their credit report.

At no charge, individuals can also have these credit bureaus place a "fraud alert" on their file that alerts creditors to take additional steps to verify their identity prior to granting credit in their names.  Note, however, that because it tells creditors to follow certain procedures to protect individuals, it may also delay their ability to obtain credit while the agency verifies the individual's identity.  As soon as one credit bureau confirms an individual's fraud alert, the others are notified to place fraud alerts on that individual's file.  Any individual wishing to place a fraud alert, or who has any questions regarding their credit report, can contact any one of the following agencies:  Equifax, PO Box 105069, Atlanta, GA 30348, 800-525-6285, www.equifax.com; Experian, PO Box 2002, Allen, TX 75013, 888-397-3742, www.experian.com; TransUnion, PO Box 2000, Chester, PA 19022-2000, 800-680-7289, www.transunsion.com.  For information about medical privacy rights, individuals may visit the website of the California Department of Justice, Privacy Enforcement and Protection Unit at www.privacy.ca.gov.

Individuals can also further educate themselves regarding identity theft, and the steps they can take to protect themselves, by contacting their state Attorney General or the Federal Trade Commission.  The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them.  The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue, NW, Washington, DC 20580, www.ftc.gov/bcp/edu/microsites/idtheft/, 1-877-ID-THEFT (1-877-438-4338); TTY: 1-866-653-4261.  Instances of known or suspected identity theft should be reported to law enforcement, your Attorney General, and the FTC. Individuals can also further educate themselves about placing a fraud alert or security freeze on their credit file by contacting the FTC or their state's Attorney General. 

The organization has established a confidential inquiry line, staffed with professionals trained in identity and credit protection and restoration, and familiar with this incident and the contents of this notice.  This confidential inquiry line is available Monday through Saturday, 6:00 a.m. to 6:00 p.m. P.S.T. at 877-579-2263.

SOURCE AltaMed Health Services

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
What do a firewall and a fortress have in common? They are no longer strong enough to protect the valuables housed inside. Like the walls of an old fortress, the cracks in the firewall are allowing the bad guys to slip in - unannounced and unnoticed. By the time these thieves get in, the damage is already done and the network is already compromised. Intellectual property is easily slipped out the back door leaving no trace of forced entry. If we want to reign in on these cybercriminals, it's hig...
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will w...
"ElasticBox is an enterprise company that makes it very easy for developers and IT ops to collaborate to develop, build and deploy applications on any cloud - private, public or hybrid," stated Monish Sharma, VP of Customer Success at ElasticBox, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The term culture has had a polarizing effect among DevOps supporters. Some propose that culture change is critical for success with DevOps, but are remiss to define culture. Some talk about a DevOps culture but then reference activities that could lead to culture change and there are those that talk about culture change as a set of behaviors that need to be adopted by those in IT. There is no question that businesses successful in adopting a DevOps mindset have seen departmental culture change, ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete...
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.