Tandigm Health notifying 7,000 patients after discovering vulnerability that might have exposed patient data in 2017
PHILADELPHIA, Nov. 23, 2018 /PRNewswire/ — Tandigm Health (Tandigm), a value-based healthcare company that supports health plans by collaborating with primary care physicians to enhance and improve patient care, announced today that it is sending letters to patients about a recent security incident involving patient information.
On September 25, 2018, Tandigm discovered a potential vulnerability in one of its websites. Tandigm quickly launched an investigation to determine the nature and scope of this incident, working with a leading forensics investigation firm to confirm whether the vulnerability could enable someone to potentially bypass the existing security safeguards, and, if so, what information may have been affected. After thorough investigation, Tandigm does not have evidence that patient information was subject to unauthorized access or misuse. Tandigm is providing patients with notice in an abundance of caution, because while it cannot determine if the information was actually accessed, it was accessible between April 24, 2017, and December 31, 2017. The information included names, dates of birth, medical information, and health insurance information for approximately seven thousand patients. This incident did not involve any financial or credit information.
Tandigm is sending notices to patients so they may take further steps to best protect their information. Tandigm also established a dedicated assistance line to answer any questions patients may have and is offering notified patients a two-year complimentary credit monitoring and identity protection service. Tandigm encourages patients to review their health insurance policy statements and to monitor explanation of benefits forms. If a patient identifies services they did not receive, they should contact their provider or insurer.
Information privacy and security are among Tandigm’s highest priorities, and there are strict security measures in place to protect information in Tandigm’s care. To help prevent something like this from happening in the future, Tandigm added additional security to the internet-based platforms, is providing additional and ongoing staff data security training, reviewing existing security and privacy policies, and enhanced the security protections it already has in place.
For additional information about this incident, please visit the Tandigm website at www.tandigmhealth.com.
SOURCE Tandigm Health