DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NJ: Summit Medical Group notifies patients about missing notebook

Posted on November 12, 2018 by Dissent

Anthony Vecchione reports:

Summit Medical Group said Monday it is looking into an incident of a possible security leak of patient data.

SMG said it became aware of the potential unauthorized disclosure of patient medical records Sept. 5 when management and privacy office personnel were notified a notebook maintained by a medical assistant in the dermatology office in Berkeley Heights was misplaced and was not recovered.

In a statement, SMG said that it launched an investigation into the incident and determined that the notebook was maintained by the medical assistant to track all of the patients to whom she provided health care services.

The employee kept the notebook at the facility and reported that the book never left the dermatology office, according to SMG.

Read more on NJBiz.

The following is SMG’s press release, issued November 2:

BERKELEY HEIGHTS, N.J., Nov. 2, 2018 /PRNewswire/ — Summit Medical Group (“SMG”) is taking action after discovering an isolated incident that may impact the security of information relating to a limited number of SMG patients.

On or around September 5, 2018, SMG became aware of the potential unauthorized disclosure of patient medical records when SMG management and Privacy Office were notified that a notebook maintained by a medical assistant in the dermatology office at Berkeley Heights was misplaced and unable to be recovered. SMG immediately launched an investigation into this incident, and it was determined that the notebook was maintained by the medical assistant to track all of the patients to whom she provided health care services, to assist her with following up with patients. The employee kept the notebook at the facility and reported that the book never left the dermatology office. This cataloging of the information in the notebook began around January 12, 2018 and included information pertaining to all patients seen by the employee through September 5, 2018, when the employee could not locate the notebook. Management and the Privacy Office conducted interviews of employees, reviewed security footage, and searched the office, but found no trace nor evidence of the notebook.

While the information present in the notebook varies by individual, SMG’s investigation determined that the information that may have been affected includes: name, date of birth, address, home telephone number, insurance policy number, Medicare ID (which can also be a patient’s Social Security Number), and treatment information.

While SMG has no evidence that any information involved in this incident has been subject to actual or attempted misuse, SMG is mailing notice letters to individuals who may have been affected by this incident. SMG is also encouraging potentially impacted individuals to remain vigilant against incidents of identity theft and fraud, to review account statements and explanations of benefits, and to monitor credit reports and explanation of benefits forms for suspicious activity and to detect errors.

SMG is providing potentially impacted individuals information on obtaining a free credit report annually from each of the three major credit reporting bureaus by visiting www.annualcreditreport.com, calling 877-322-8228, or contacting the three major credit bureaus directly at: Equifax, P.O. Box 105069, Atlanta, GA, 30348, 800-525-6285, www.equifax.com; Experian, P.O. Box 2002, Allen, TX 75013, 888-397-3742, www.experian.com; TransUnion, P.O. Box 2000, Chester, PA 19016, 800-680-7289, www.transunion.com.

Potentially impacted individuals may also find information regarding identity theft, fraud alerts, security freezes and the steps they may take to protect their information by contacting the credit bureaus, the Federal Trade Commission or their state Attorney General. The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. Instances of known or suspected identity theft should also be reported to law enforcement or the individual’s state Attorney General. SMG will be providing notice of this incident to the U.S. Department of Health and Human Services, as well as required state regulators.

SMG understands that patients may have questions about this incident that are not addressed in this release. If you have questions or concerns, please do not hesitate to reach out to SMG’s Patient Relations Department via [email protected] or 908-977-9499 Monday – Friday, 9am – 5pm ET, excluding national holidays.

About Summit Medical Group

Recognized as New Jersey’s premier multispecialty medical group, Summit Medical Group has more than 80 locations in seven northern New Jersey counties. Summit Medical Group’s 800+ practitioners cover more than 80 medical specialties and services, with a focus on delivering patient-centered and coordinated care. Summit Medical Group’s unique care model recently expanded nationally with the founding of Summit Medical Group Oregon – BMC Total Care and Summit Medical Group Arizona. Additionally, Summit Medical Group is the only healthcare provider in northern New Jersey to offer patients access to the world-renowned MD Anderson Cancer Network® through Summit Medical Group MD Anderson Cancer Center. For more information, visit www.summitmedicalgroup.com.

SOURCE Summit Medical Group

Related Links

http://www.summitmedicalgroup.com

Category: Health DataPaperTheftU.S.

Post navigation

← NJ: Former Chilton Medical Center employee sentenced on Computer Criminal Theft charges
City of Bakersfield announces data breach from hacked Click2Gov system →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.