Notice of Data Incident to the Past and Present Patients of the Eye Institute of Marin
SAN RAFAEL, Calif., Nov. 18, 2016 /PRNewswire/ -- On 8/22/16, the Eye Institute of Marin received confirmed notice from their electronic medical record (EMR) provider that their system was subject to a malware attack on 7/26/16. The EMR provider became aware of the incident on 7/27/16, and the Eye Institute of Marin is informed that the provider promptly secured their systems.
The Eye Institute of Marin immediately requested further information to understand what happened and to determine which patients might be affected. On 9/14/16, it was provided further detail of the events, and learned that the EMR provider experienced a ransomware infection.
Ransomware is malware that restricts access to the computer system it infects, and demands that a ransom be paid to the malware creator to remove the restriction. A third party forensic IT firm hired to investigate this incident found no evidence that patient information was viewed, transferred or accessed. However, during the restoration process of their system, one of the EMR backup systems caused the loss of consultation notes between 7/11/16 and 7/26/16. The Eye Institute of Marin sent initial notifications to patients it believed might be affected by the consultation note loss on 10/18/16. Further notices are being sent to all patients on 11/18/16.
The EMR system contains patients' full name, address, telephone number, date of birth, gender, race, social security number (if provided to us), medical history, prescriptions, diagnoses, insurance and health visit information, emergency contact information, and charges and payments. The system does not contain personal financial information (i.e. no credit card nor bank information).
Additionally, if you visited the Eye Institute of Marin between 7/11/16 and 7/26/16, your consultation note might have been lost in the recovery process. This information included that visit's: vital signs, clinical history, and any records of the communication between us. Further, if you had a refraction exam between 7/11/16 and 7/26/16, the results may have also been lost. However, you were given a copy of the prescription for your eye glasses. Please call the office for verification that you have a copy of your glasses prescription. If you do not still have a copy and the results were erroneously destroyed, we will provide you a complimentary refraction re-examination through 12/31/16.
Though there is no evidence that patient information was viewed, transferred nor accessed, given the breadth of information on the system we understand you may want to place a free 90 day fraud alert on your accounts. If so, contact: Equifax (1-888-766-0008; P.O. Box 740241, Atlanta, GA 30374); Experian (1-888-397-3742; P.O. Box 4500, Allen, TX 75013); TransUnion (1-800-680-7289; P.O. Box 2000, Chester, PA 19022-2000). You are also entitled to an annual free credit report at www.annualcreditreport.com.
Protecting your information is incredibly important to us. If you have any questions, please call toll free number 844-319-9615; or write 4000 Civic Center Drive, Suite 200A, San Rafael, CA 94903.
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/notice-of-data-incident-to-the-past-and-present-patients-of-the-eye-institute-of-marin-300364558.html
SOURCE Eye Institute of Marin