STOUGHTON, Mass., Feb. 7, 2020 /PRNewswire/ — Shields provides specialty pharmacy services to hospitals and other covered entities. On October 24, 2019, Shields learned of suspicious activity related to an employee’s email account. Shields immediately took steps to secure the account and worked with a cybersecurity firm to assist with our investigation. The investigation determined that an unauthorized person gained access to a single employee email account between October 22, 2019 and October 24, 2019. However, the investigation determined that the account contained some patient records, including names, dates of birth, medical record numbers, provider names, prescription information, clinical information, insurer names, and limited claims information. The information did not include patient Social Security numbers or financial account information.
Shields has no indication that any information has been accessed or misused. However, in an abundance of caution, it mailed notification letters to patients whose information was found in the account. Shields has also established a dedicated call center to answer any question patients may have. Patients who believe they have been affected by the incident and do not receive a letter by March 2, 2020, you may call 844-967-1230 from Monday through Friday between the hours of 9:00 a.m. and 6:30 p.m. Eastern Time.
Shields recommends affected patients review statements received from health care providers. If there are services the patients did not receive, they should contact the provider immediately. To help prevent something like from happening in the future, Shields is taking steps to further enhance the organization’s data security procedures, including implementing multi-factor authentication on employee email accounts.
For more information, please visit http://info.shieldshealthsolutions.com/notice-of-data-security-incident.
SOURCE Shields Health Solutions