Posted On June 7, 2022 Consumer Privacy & Data Breaches
June 7, 2022 – Associated Ophthalmologists of Kansas City, PC reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the name, address, date of birth, social security number, diagnostic information, and health insurance information of certain individuals was compromised. The Associated Ophthalmologists of Kansas City data breach is believed to have impacted as many as 13461 individuals. On May 31, 2022, Associated Ophthalmologists of Kansas City sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Associated Ophthalmologists of Kansas City, PC, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the letter that Associated Ophthalmologists of Kansas City sent to individuals affected by the data breach:
Associated Ophthalmologists of Kansas City, P.C. (“AOKC”) is an ophthalmology clinic located in Kansas City, Missouri. In 2021, AOKC was using the electronic medical records platform “myCare Integrity,” which was provided by the practice performance company Eye Care Leaders (“ECL”). We are writing in order to inform you that some of your sensitive personal information may have been stored on the myCare Integrity system at the time of a data security incident suffered by Eye Care Leaders in 2021. This is a precautionary notice, and we have no evidence to suggest that your personal information was actually compromised. We take the security of your personal information seriously and want to provide you with information and resources you can use to protect your information.
What Happened and What Information was Involved:
According to Eye Care Leaders, on or around December 4, 2021, an unauthorized party accessed myCare Integrity data and deleted databases and system configuration files. According to Eye Care Leaders, upon identifying the activity, Eye Care Leaders’ incident response team immediately stopped the unauthorized access and began investigating the incident. Notably, there was no evidence that this incident involved unauthorized access to any of AOKC’s patient records. However, a lack of available forensic evidence prevented Eye Care Leaders from ruling out the possibility that some protected health information and personally identifiable information may have been exposed to the bad actor. The following categories of your information may have been stored on the myCare Integrity platform at the time of this incident: name, address, date of birth, social security number, diagnostic information, and health insurance information. However, as stated above, there was no evidence that this information was actually accessed by the bad actor. As of this writing, AOKC has not received any reports of identity theft related to this incident.
What We Are Doing:
In response to this incident, we are mailing letters to patients whose information was stored on the myCare Integrity solution at the time of the incident. This data security incident occurred entirely within Eye Care Leaders’ network environment, and there were no other remedial actions available to AOKC. We recommend that patients whose information was stored on myCare Integrity to review the statements they receive from their healthcare providers. If they see any services that were not received, they should contact the provider immediately. We value the safety of your personal information, and are therefore offering credit monitoring and identity theft protection services through IDX, a leading identity protection technology company. These services include: 24 months of credit monitoring and fully managed identity theft recovery services. With this protection, IDX will help you resolve issues if your identity is compromised.
What You Can Do:
We encourage you to contact IDX with any questions and enroll in free IDX services by calling [Redacted] or going to [Redacted] and using the Enrollment Code provided above. IDX is available Monday through Friday 8 am to 8 pm Central Time. Please note the deadline to enroll is August 31, 2022. IDX representatives have been fully versed on the incident and can answer questions or concerns you may have regarding protection of your personal information. Enclosed you will find additional information regarding the resources available to you, and the steps that you can take to further protect your personal information.