Logan Health Provides Notification of Data Security Event
Logan Health Medical Center was recently a victim of a highly sophisticated criminal attack on our information technology systems, which may have involved patients’ personal information. Safeguarding our patients and their personal information is a top priority, and we want share what happened and how we have addressed it.
What happened? On November 22, 2021, we discovered suspicious activity including evidence of unauthorized access to one Logan Health file server that includes shared folders for business operations. With the assistance of third-party forensic experts we immediately launched an investigation to determine the nature and scope of the incident and whether any personal information was affected. On January 5, 2022, the investigation determined that there was unauthorized access to certain files, which contained protected health information.
There was no unauthorized access to our electronic medical records.
What information was involved? Different information may have been involved for each person. The information may have involved your name, address, medical record number, date of birth, telephone number, email address, insurance claim information, date(s) of service, treating/referring physician, medical bill account number and/or health insurance information.
What are we doing? Although there is no indication that the information was misused, we are offering affected individuals 12 months of credit and identity protection services at no charge as an extra precaution. In addition, we have deployed additional safeguards to further fortify our information systems.
What you can do: If you feel that you may have been affected by this event, log on to
loganhealth.kroll.com or call our designated help line at (855) 568-2046, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time.
Cyber criminal activity has increased significantly over the past 18 months. Within the last year, more than 700 health systems and other organizations have experienced cyber security events impacting nearly 40,000,000 individuals. We are committed to protecting the privacy of our patients and continue to take steps to combat these malicious threats. Our relationship with our patients is our most valued asset. I want to personally express my deepest regret for any inconvenience that these criminal actions may cause you and your family.
Sincerely,
Craig Lambrecht, MD
President & CEO
Logan Health