Welcome!

News Feed Item

California healthcare provider acts to notify individuals of potential personal information access related to former employee

LOS ANGELES, Aug. 29, 2014 /PRNewswire-USNewswire/ -- As part of its ongoing commitment to privacy and data security, AltaMed Health Services is notifying affected individuals of a recent incident that may affect the security of their personal and protected health information. 

The organization learned from local law enforcement of an ongoing criminal investigation of a former AltaMed temporary employee, and other individuals unaffiliated with the organization, on suspicion of identity theft on June 30, 2014.  No arrests have been made and law enforcement's investigation is ongoing; however, law enforcement disclosed it recovered a hard drive and other evidence during its investigation, that this hard drive and evidence may include the organization's records, and that it believes this information may have been misused by participants in the identity theft ring currently under investigation.

Upon learning of this, the organization launched an internal investigation into the matter to determine what AltaMed records this individual may have accessed during her employment.  The organization retained information privacy and data security legal counsel to assist with its investigation. This investigation is ongoing.

The organization's investigation has thus far revealed this employee may have accessed electronic and paper records relating to individuals that attended one of its community events in Orange and Los Angeles Counties.  The employee was hired on a temporary basis to assist the organization in its response to the recent influx of health care enrollments.  During this investigation, the organization confirmed this individual did not have access to patient medical or billing records, and only had access to records and documents that were primarily used for marketing purposes.  These records contain a combination of one or more of the following: name, email address, telephone number, Social Security number, provider information, insurance information, date of birth, and address.

The organization takes the security of personal and protected health information very seriously and is undertaking efforts to mitigate the risk of this happening again.  On August 29, 2014, the organization will issue notice of this incident to those 2,995 individuals with marketing records accessed by this employee during her employment and for whom it has sufficient address information.  Additionally, the organization is issuing this press release and conspicuously posting notice of this incident on its website.  The organization is providing notice to the California Department of Health, the California Attorney General's office, and the U.S. Department of Health and Human Services, as well.   Should the organization's ongoing investigation reveal additional individuals potentially affected by this incident, it will issue notice to these individuals as well.   

The organization encourages individuals to remain vigilant, to review account statements, and to monitor credit reports and explanation of benefits forms for suspicious activity.  Under U.S. law individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus.  This free credit report can be obtained by visiting www.annualcreditreport.com or calling, toll-free, 1-877-322-8228.  Individuals may also contact the three major credit bureaus directly to request a free copy of their credit report.

At no charge, individuals can also have these credit bureaus place a "fraud alert" on their file that alerts creditors to take additional steps to verify their identity prior to granting credit in their names.  Note, however, that because it tells creditors to follow certain procedures to protect individuals, it may also delay their ability to obtain credit while the agency verifies the individual's identity.  As soon as one credit bureau confirms an individual's fraud alert, the others are notified to place fraud alerts on that individual's file.  Any individual wishing to place a fraud alert, or who has any questions regarding their credit report, can contact any one of the following agencies:  Equifax, PO Box 105069, Atlanta, GA 30348, 800-525-6285, www.equifax.com; Experian, PO Box 2002, Allen, TX 75013, 888-397-3742, www.experian.com; TransUnion, PO Box 2000, Chester, PA 19022-2000, 800-680-7289, www.transunsion.com.  For information about medical privacy rights, individuals may visit the website of the California Department of Justice, Privacy Enforcement and Protection Unit at www.privacy.ca.gov.

Individuals can also further educate themselves regarding identity theft, and the steps they can take to protect themselves, by contacting their state Attorney General or the Federal Trade Commission.  The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them.  The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue, NW, Washington, DC 20580, www.ftc.gov/bcp/edu/microsites/idtheft/, 1-877-ID-THEFT (1-877-438-4338); TTY: 1-866-653-4261.  Instances of known or suspected identity theft should be reported to law enforcement, your Attorney General, and the FTC. Individuals can also further educate themselves about placing a fraud alert or security freeze on their credit file by contacting the FTC or their state's Attorney General. 

The organization has established a confidential inquiry line, staffed with professionals trained in identity and credit protection and restoration, and familiar with this incident and the contents of this notice.  This confidential inquiry line is available Monday through Saturday, 6:00 a.m. to 6:00 p.m. P.S.T. at 877-579-2263.

SOURCE AltaMed Health Services

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
While presenting own advanced Robo-Advisory Platform, Michał Różański, Managing Partner at EARP and CEO at Empirica, will illustrate the most important issues of building tailored FinTech software in his session at 20th Cloud Expo. He will share experiences we have gained for over 6 years of developing solutions for financial institutions and FinTech companies, including robo-advisors. We welcome all FinTech innovators interested in how properly implemented technology can move their businesses f...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo Silicon Valley Call for Papers is now open.
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point where organizations begin to see maximum value is when they implement tight integration deploying their code to their infrastructure. Success at this level is the last barrier to at-will deployment. Storage, for instance, is more capable than where we read and write data. In his session at @DevOpsSummit at 20th Cloud Expo, Josh Atwell, a Developer Advocate for NetApp, will discuss the role and valu...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In his Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will explore t...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, pane...
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
SYS-CON Events announced today that Tintri, Inc, a leading provider of enterprise cloud infrastructure, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Tintri offers an enterprise cloud platform built with public cloud-like web services and RESTful APIs. Organizations use Tintri all-flash storage with scale-out and automation as a foundation for their own clouds – to build agile development environments...
SYS-CON Events announced today that DivvyCloud will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. DivvyCloud software enables organizations to achieve their cloud computing goals by simplifying and automating security, compliance and cost optimization of public and private cloud infrastructure. Using DivvyCloud, customers can leverage programmatic Bots to identify and remediate common cloud problems in rea...
SYS-CON Events announced today that Carbonite will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Carbonite protects your entire IT footprint with the right level of protection for each workload, ensuring lower costs and dependable solutions with DoubleTake and Evault.