Notice of Privacy Event at Briar Hill Management
Briar Hill Management of Ridgeland, Mississippi provides management services for skilled nursing facilities in the State. The company takes resident privacy very seriously and, as part of that commitment, it is notifying all potentially affected residents of a privacy event that may impact personal health information.
On February 26, 2016, the company learned that an employee was unable to locate a company-assigned laptop. The company later learned that the employee had violated company practice by impermissibly saving resident health information on the hard drive, and by failing to properly secure the laptop when outside of the company’s office.
The missing laptop’s hard drive contained the following types of health information: resident names, addresses, social security numbers, dates of birth, dates of service, prescription information, and medical records. Importantly, the laptop did not contain all of these types of information for every affected resident.
Based on its investigation to date, Briar Hill Management does not believe that any inappropriate access has occurred with respect to this information. Following exhaustive search efforts; however, the company has not yet located the laptop. Therefore, out of an abundance of caution Briar Hill Management has mailed notice to all potentially affected residents of this incident and is offering one year of credit monitoring and identity protection services through AllClear ID at no cost to the affected residents.
In response to this issue, Briar Hill Management has taken numerous remedial actions, including sanctioning the employee involved, seeking local law enforcement assistance, and implementing additional security measures for all mobile technology used by its personnel.
“We sincerely regret any concern or inconvenience this incident has caused or may cause any of our valued residents and their families,” said Sandy Lindsey, Compliance Officer for Briar Hill Management. “We take resident privacy as seriously as we do their care. We want to assure our residents and the community we serve that we will continue to work both to understand this incident and to implement measures to further strengthen our data security.”
Those who believe they may have been affected by this incident should contact the dedicated incident response hotline at 1-855-354-1910.