Hill Country Memorial Hospital (“Hill Country”) of Fredericksburg, Texas has advised its patients and some job applicants of a privacy event that may have compromised certain personal information.
On April 21, HCMH issued the following press release:
Hill Country Memorial Hospital (“Hill Country”) of Fredericksburg, Texas has advised its patients and some job applicants of a privacy event that may have compromised certain personal information. The events are believed to be the result of criminal activity.
Approximately on February 21, 2017, an unauthorized individual not affiliated with Hill Country accessed the email account of a Hill Country employee containing information regarding some patients and job applicants. The email account contained information including names, dates of birth, social security numbers, addresses, patient identification numbers, prescription information, diagnosis information, procedure information, and time and date of treatment. Hill Country has notified law enforcement, secured the affected email account and is implementing additional data security measures to prevent future incidents.
At this time, investigators believe that the individual accessed the email account only in order to submit fraudulent invoices to Hill Country’s accounts payable department for payment. However, Hill Country cannot confirm which, if any, emails in the account the individual accessed and whether there was any resulting acquisition, access, use, or disclosure of personal information in the emails. Therefore, out of an abundance of caution, Hill Country has notified all potentially affected individuals about this issue and is offering one year of credit protection services through Equifax® at no cost to them. In cooperation with law enforcement, Hill Country is continuing to investigate this incident.
“We take patient privacy seriously, and are very sorry for any concern or inconvenience this incident has caused or may cause to anyone who has been affected,” said Jayne Pope, the Chief Executive Officer.
Those who believe they may have been affected by this incident should contact Hill Country’s dedicated incident response hotline at (888) 750-9297.
Hill Country Memorial Hospital is a nonprofit, community-supported hospital offering general and specialty care in 8 counties in the Texas Hill Country and beyond.
A notification was also sent to the Montana Attorney General’s Office.