San Diego Family Care Notifies Patients of Data Security Incident

SAN DIEGO, May 7, 2021 /PRNewswire/ — San Diego Family Care («SDFC») has learned of a data security incident that…

SAN DIEGO, May 7, 2021 /PRNewswire/ — San Diego Family Care («SDFC») has learned of a data security incident that may have impacted personal and protected health information belonging to certain current and former SDFC patients and employees. SDFC has sent notification of this incident to potentially impacted individuals and has provided resources to assist them.

In December 2020, SDFC and its business associate, Health Center Partners of Southern California (HCP), became aware that their information technology hosting provider experienced a data security incident that resulted in the encryption of certain data. The hosting provider took steps to secure and restore its systems and launched an investigation with the assistance of computer forensics experts. At that time, SDFC did not know what, if any, data belonging to SDFC or HCP may have been involved in the incident.

On January 20, 2021, SDFC learned that, based on its hosting provider’s investigation into the incident, certain SDFC and HCP data may have been accessed or acquired by an unauthorized individual. SDFC obtained a copy of the impacted data and engaged experts to conduct a thorough review to identify individuals whose information may have been involved in the incident. That review concluded on April 12, 2021. SDFC then took steps to identify current mailing addresses in order to effectuate notification to potentially impacted individuals.

There is no evidence of the misuse of any information potentially involved in this incident.  However, on May 7, 2021, SDFC provided notice of this incident to potentially impacted individuals. In so doing, SDFC provided information about the incident and about steps that potentially impacted individuals can take to protect their personal information. SDFC takes the security of patient information very seriously and is taking steps to prevent a similar event from occurring in the future.

The following personal and protected health information may have been involved in the incident: individuals’ names, Social Security numbers or other government identification numbers, financial account numbers, dates of birth, medical diagnosis or treatment information, health insurance information, and/or client identification numbers. However, not all of these data elements were affected for all individuals.

SDFC has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives are available Monday through Friday from 6:00 am – 6:00 pm Pacific Time and can be reached at (833) 664-1997. 

The privacy and protection of personal and protected health information is a top priority for SDFC, which deeply regrets any inconvenience or concern this incident may cause.

Cision View original content:http://www.prnewswire.com/news-releases/san-diego-family-care-notifies-patients-of-data-security-incident-301286908.html

SOURCE San Diego Family Care