BROOKVILLE – Penn Highlands Brookville, a healthcare service for the Brookville area, today confirmed a data security incident, which may involve personal information for patients of Barry J. Snyder, MD.
On Aug. 14, Penn Highlands Brookville discovered that a computer server containing patient information for Snyder was compromised when a third-party intruder potentially had access to information contained on the server.
Snyder’s office, located in Fairmount City, did not experience the data security event directly, but rather a third-party vendor located in Ohio hired to maintain records for Snyder may have been compromised.
The types of information affected may include a patient’s name, address, date of birth, driver’s license number, Social Security number, phone number, insurance information, medical information and gender.
Forensics experts cannot verify with 100 percent certainty that the data security event occurred, but Penn Highlands Brookville is providing notice to affected patients so that they may take steps to protect their identity if they feel it is necessary.
Upon discovering this possible compromise, Penn Highlands Brookville acted quickly and responsibly in hiring national security and computer forensics experts to thoroughly investigate this matter to protect patients in this practice.
Following its discovery of the incident, Penn Highlands Brookville has taken efforts to have the third-party vendor remove and destroy the data contained on the affected server, and Snyder’s patient information has been moved to a secure server.
Penn Highlands Brookville is providing a toll-free information line to address patient questions and concerns regarding the incident, and has engaged Kroll Inc. to provide identity monitoring and identity protection services to affected individuals. Customers can call toll-free, 855-401-2640, Monday through Friday, 9 a.m. – 6 p.m. (eastern time).
Penn Highlands Brookville encourages its patients to remain vigilant by reviewing account statements for any unusual activity, notifying their credit card companies, and monitoring their credit reports. Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit bureaus. To obtain a free credit report, visit www.annualcreditreport.com or call, toll-free, 877-322-8228.
At no charge, an individual can also have these credit bureaus place a “fraud alert” on their files that alerts creditors to take additional steps to verify their identity prior to granting credit in their names.
Please note, however, that because it tells creditors to follow certain procedures to protect the individual’s credit, it may also delay the ability to obtain credit while the agency verifies the individual’s identity.
As soon as one credit bureau confirms an individual’s fraud alert, the others are notified to place fraud alerts on that individual’s file. Any individual wishing to place a fraud alert, or who has questions regarding their credit report, can contact any one of the following agencies: Equifax, P.O. Box 105069, Atlanta, GA 30348-5069, 800-525-6285,www.equifax.com; Experian, P.O. Box 2002, Allen, TX 75013, 888-397-3742,www.experian.com; or TransUnion, P.O. Box 2000, Chester, PA 19022-2000, 800-680-7289, www.transunion.com.
Information regarding security freezes may also be obtained from these sources.
The Federal Trade Commission (FTC) also encourages those who discover that their information has been misused to file a complaint with them.
To file a complaint with the FTC, or to obtain additional information on identity theft and the steps that can be taken to avoid identity theft, the FTC can be reached at 600 Pennsylvania Ave., NW, Washington, D.C. 20580, or at www.ftc.gov/bcp/edu/microsites/idtheft/ or 877-ID-THEFT (877-438-4338); TTY: 866-653-4261.
State attorneys general may also have advice on preventing identity theft, and instances of known or suspected identity theft should be reported to law enforcement, the Attorney General in the individual’s state of residence, and the FTC. Individuals can also learn more about placing a fraud alert or security freeze on their credit files by contacting the FTC or their state’s Attorney General.
For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001, 919-716-6400,www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202, 888-743-0023,www.oag.state.md.us.
Penn Highlands Brookville encourages affected patients to take advantage of the free credit and identity monitoring services described, and to contact the toll-free, confidential call line with any additional questions or concerns. Penn Highlands Brookville remains committed to the protection of its patients’ personal information.