Posted On June 16, 2022 Consumer Privacy & Data Breaches
June 16, 2022 – Sight Partners Physicians PC reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the full name, address, date of birth, medical information, including provider’s name, medical record number, treatment, diagnosis, and/or prescription information of certain individuals was compromised. It is unknown how many individuals were affected by the Sight Partners Physicians. On June 14, 2022, Sight Partners Physicians sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Sight Partners Physicians PC, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the letter that Sight Partners Physicians sent to individuals affected by the data breach:
Dear [Redacted],
Sight Partners Physicians, P.C. (“Sight Partners”) is writing to notify you of a recent incident experienced by our third-party vendor, Eye Care Leaders (“ECL”), that may affect the security of some of your information. Although there is no indication that your information has been misused in relation to this incident, we are providing you with information about the incident, our response to it, and what you may do to better protect your personal information, should you feel it appropriate to do so.
What Happened?
On or about April 15, 2022, Sight Partners was informed by its former third-party Electronic Health Record (“EHR”) hosting vendor, ECL, that ECL experienced a cyber-attack. Sight Partners’ historical patient records are stored in ECL’s Integrity EHR system. ECL reported that the incident occurred on or about December 4, 2021, and impacted some ECL databases where patient records are maintained. ECL conducted an investigation in an effort to confirm the nature and scope of the incident. Although the investigation was unable to determine whether files stored in the impacted databases had actually been viewed or taken by the unauthorized actor, ECL could not rule out the possibility of such activity. Therefore, in an abundance of caution, Sight Partners ran reports through the practice management system in an effort to identify the patient information that would be stored in the ECL database, and it was determined that your information may have been impacted.
What Information was Involved?
The following types of Sight Partners’ patient information are stored by ECL and may have been present in the impacted ECL databases at the time of the incident: full name, address, date of birth, medical information, including provider’s name, medical record number, treatment, diagnosis, and/or prescription information. Sight Partners did not store patients’ Social Security numbers, financial account information, and health insurance information in the ECL database and that information was not impacted by this event.
What We Are Doing.
Sight Partners takes this event and the security of information in our care very seriously. In June 2021, prior to the occurrence of this event, Sight Partners ceased using ECL as its EHR vendor. As such, all data stored in Sight Partner’s Integrity EHR system predates June 2021. In addition to notifying potentially impacted patients of this event, Sight Partners is notifying appropriate governmental regulators, including the U.S. Department of Health and Human Services. ECL also notified law enforcement including the FBI of the incident. Although we are unaware of any misuse of your information as a result of this incident, as an added precaution, Sight Partners is offering you [Redacted] months of identity and credit monitoring services at no cost to you through Experian. For more information on these services, please review the enclosed Steps You Can Take to Help Protect Personal Information. Please follow the instructions provided below to enroll in the identity and credit monitoring services Sight Partners is making available to you, as we are unable to enroll you in these services on your behalf.
What You Can Do.
Sight Partners encourages you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements, explanations of benefits, and monitoring your credit reports for suspicious activity and to detect errors. Please review the enclosed Steps You Can Take to Help Protect Personal Information which contains information on what you can do to better protect against possible misuse of your information. You may also enroll in the free credit monitoring services Sight Partners is providing to you.
For More Information.
We understand that you may have questions about this incident that are not addressed in this letter. If you have additional questions, please call our dedicated call center at (866) 579-4744. This toll-free line is available Monday through Friday 8 am – 10 pm CST, Saturday and Sunday 10 am – 7 pm CST (excluding major U.S. holidays).
