MN: Colorado Center for Reproductive Medicine in Minneapolis warns clients of data breach

CCRM Minneapolis, P.C. has become aware of a potential data security incident that may have resulted in the inadvertent exposure of some patients’ personal and health information. Although at this time there is no evidence that patients’ information was actually accessed or viewed, or any indication of actual misuse of anyone’s information, we have taken steps to notify any patients who may have been affected by this incident.

On October 3, 2017, we discovered that our servers had been impacted in a ransomware attack, which prompted an investigation to determine if sensitive information was at risk. The investigation determined that an unknown, unauthorized third-party may have gained access to our server and could have viewed or accessed patient information, including names, addresses, phone numbers, dates of birth, email addresses, Social Security numbers, driver’s licenses, insurance identification numbers and medical records.

Although there is no evidence that the unauthorized third party accessed any information and we are not aware of any misuse of patient information, we take the privacy and security of patient information very seriously, and have taken steps to prevent a similar event from occurring in the future. Notification letters mailed on December 1, 2017, include additional information about what happened and a toll-free number that patients can call to learn more about the incident. The call center is available Monday through Friday from 6:00AM and 5:00 PM Pacific, and can be reached at 1-800-939-4170.

The privacy and protection of patient information is a top priority for CCRM Minneapolis, P.C., which deeply regrets any inconvenience or concern this incident may cause.