NASHVILLE, Tenn., Feb. 14, 2020 /PRNewswire/ — Tennessee Orthopaedic Alliance (“TOA”) has learned of a data security incident that involved protected health information belonging to certain current and former patients. On February 14, 2020, TOA notified potentially impacted individuals and provided resources to assist them.
On October 18, 2019, TOA detected unusual activity in its email environment and soon thereafter learned an unauthorized third party may have gained access to an employee’s email account. Once discovered, TOA secured its email system, immediately began an investigation, and engaged a leading digital forensics firm to determine the scope of the incident. Based on the digital forensic firm’s findings, it was determined that two TOA employee email accounts were subject to unauthorized access between August 16 and October 14, 2019. On January 3, 2020, the investigation revealed that data containing individuals’ personal or health information within two email accounts may have been affected. This information may have included names, dates of birth, contact information (addresses, phone numbers and email addresses), Social Security numbers, health insurance information, treatment or diagnostic information (including codes), and/or treatment cost information. The incident was limited to information transmitted via email and did not affect any other information systems.
TOA completed a thorough review of the affected accounts to determine whose personal or health information may have been impacted by the incident, and to provide notification to those affected. TOA has no evidence that any of the information potentially involved in this incident has been misused, but has reported this matter to the FBI and will cooperate as necessary to hold the perpetrators accountable.
Notification letters were sent to potentially impacted individuals on February 14, 2020. The letters include information about this incident and about steps that potentially impacted individuals can take to monitor and help protect their personal information. TOA has established a toll-free call center to answer questions about the incident and to address related concerns. The call center can be reached at 1-844-936-0059, Monday through Friday from 8 a.m. to 5:30 p.m. Central Time. In addition, as a precaution, TOA is offering complimentary identity protection services through Kroll to those individuals whose Social Security numbers were potentially impacted in connection with this incident. To determine if you qualify for this service, you must obtain verification through the call center. If your Social Security number has been potentially impacted, information on how to enroll for this service will be made available to you.
The privacy and protection of private information is a top priority for TOA. TOA deeply regrets any inconvenience or concern this incident may cause.
SOURCE Tennessee Orthopaedic Alliance