Bellin Health is mailing letters to some of its patients whose information may have been involved in a recent cybersecurity breach in October.
Bellin Health’s monitoring systems identified unauthorized activity on a limited portion of its computer network Oct. 27 and staff immediately responded to contain the activity.
An investigation determined that an unauthorized third party accessed a specific electronic folder that stored copies of archived, scanned documents related to the purchase of home care equipment dated between 2006 and 2013, and obtained files from the folder. The documents included information such as patients’ names and one or more of the following: address, phone number, date of birth and/or certain health information related to home care equipment. A limited number of documents include Social Security numbers, which a the time were sometimes used as Medicare ID numbers. (This is no longer done.) Bellin’s electronic medical record system was not involved or accessed.
Beginning this week, Bellin is mailing letters to individuals whose information may have been involved in this event and is also providing individuals whose Social Security numbers were involved with complimentary credit monitoring and identity theft protection services. Patients are encouraged to review statements from their health insurer and healthcare providers, and to contact them immediately if they see any services they did not receive.
Patients with questions can call Bellin’s dedicated call center at 1-888-988-0385, from 8 a.m. to 8 p.m. Central Time, Monday through Friday, excluding major U.S. holidays. More information is available at bellin.org/dataincident.
