Tennessee Orthopaedic Alliance (TOA) recently notified more than 81,000 patients after an unknown party gained access to an employee’s email account.
TOA first detected unusual activity in the account on October 18, 2019. A forensic investigation determined that data containing former and current patients’ personal or protected health information contained within two email accounts may have been affected.
This information may have included names, dates of birth, contact information (addresses, phone numbers and email addresses), Social Security numbers, health insurance information, treatment or diagnostic information (including codes), and/or treatment cost information.
As of February 14, when TOA mailed notifications to those potentially affected, TOA had no evidence that any of the information potentially involved in this incident had been misused. rotect their personal information.
As part of its response to the incident, TOA is offering complimentary identity protection services through Kroll to those individuals whose Social Security numbers were potentially impacted in connection with this incident.
TOA’s full notice can be found on their website. The incident was reported to HHS as impacting 81,146 patients.