IA: Virginia Gay Hospital notifies patients after discovering compromised employee email account
As posted on the hospital’s web site on August 15:
Virginia Gay Hospital Notifies Patients of Security Incident
Vinton, Iowa (August 15, 2019) – Virginia Gay Hospital has become aware of a data security incident that may have resulted in the disclosure of the personal information of its patients. Virginia Gay Hospital immediately investigated the incident and has sent letters to potentially affected patients to notify them and to provide information on steps they can take to protect themselves.
On June 18, 2019, Virginia Gay Hospital determined that patient information contained in an email account may have been accessed by an unknown third party. Virginia Gay Hospital engaged computer forensic experts to help investigate and determine what information may have been impacted. It was determined that the potentially compromised information included patient names, dates of birth, social security numbers, and medical information. Although Virginia Gay Hospital has seen no evidence that this sensitive information was accessed by the intruder, it wanted to provide notice of this incident, along with information pertaining to available resources.
Virginia Gay Hospital values and respects its patients’ privacy, which is why notification letters regarding the data incident were mailed and included information about the incident and steps potentially impacted individuals can take to protect their information. Virginia Gay Hospital has established a toll-free call center to answer questions about the incident and related concerns. The call center is available Monday through Friday from 8:00 a.m. to 8:00 p.m., Central Time, and can be reached at (855) 940-0843.
Virginia Gay Hospital sincerely regrets any concern or inconvenience that this matter may cause its patients, and remains dedicated to protecting patient’s personal information.