From their public notice:
On March 1, 2018, the offices of Complete Family Medicine, LLC were burglarized. Later the same day, Complete Family Medicine discovered that the perpetrators stole numerous items including a computer component of a medical device used to conduct EKGs and uncashed patient checks that were stored in a locked safe. Law enforcement was notified and immediately began an investigation. Some, but not all, of the checks were later recovered. To date, the computer has not been recovered.
The stolen computer contained information about patients who had an EKG performed at Complete Family Medicine including first and last names, dates of birth, and EKG images. Information on the computer did not include financial information, social security numbers, or patient addresses. The stolen checks contained information including first and last name, address, and bank account information.
Complete Family Medicine has sent letters to all impacted individuals for whom the practice has valid addresses by U.S. mail. The letters contain important information about steps individuals can take to prevent medical identity theft or fraud. Complete Family Medicine recommends the following actions as good practice for individuals concerned about misuse of their health care information:
- Closely monitor any Explanation of Benefits or EOB sent by an insurance company other entity that pays medical bills and contact your health care provider if anything looks suspicious.
- Request a copy of current medical records from each health care provider and report any errors or suspicious information.
- Request an accounting of disclosures which lists the times health information has been shared for certain activities.
For those individuals whose bank account information was involved, Complete Family Medicine has arranged for a one-year enrollment in an online credit monitoring service (myTrueIdentity) provided by TransUnion Interactive, a subsidiary of TransUnion, one of the three nationwide credit reporting companies. Instructions on how to enroll in this free service are included in the letters sent to affected individuals whose bank account information was compromised.
To learn whether your information was included in the breach or to ask questions, please contact the Complete Family Medicine office manager, Lisa Ackerman, by phone at 308-696-2273 or by e-mail at ackermanl@gphealth.org. Due to the nature of the incident and to further mitigate risk to patients, callers will be asked to provide additional identifiers so that Complete Family Medicine can accurately verify a callers identity.
Complete Family Medicine is reviewing its policies and procedures to determine if any changes are necessary to its physical security or how information is maintained. We deeply regret any inconvenience this incident may have caused patients and their families.
Published in the North Platte Telegraph North Platte, Nebraska April 28, 2018 May 1, 2018.