Seen on their website:
MIAMI, June 12, 2020 Cano Health, LLC, a leading population health management company and operator of primary care medical centers in Florida, is advising its patients of a privacy event that may have compromised certain personal information.
The company recently learned on April 13, 2020 that three employee email accounts were accessed by an unknown perpetrator, and that messages from these accounts may have been forwarded to an outside email account without its knowledge. Upon discovery, Cano Health immediately secured the email accounts and thoroughly investigated the incident. Based on its investigation, Cano Health cannot confirm that any emails were accessed by the unknown perpetrator, but because some emails contained documents or messages with personal information, it is notifying all potentially affected individuals out of an abundance of caution.
Cano Health’s investigation was unable to determine an exact date, but it believes the unauthorized access may have occurred between May 18, 2018 and April 13, 2020. The information in the compromised email accounts during that time included patient names and other information, including PII/PHI.
“We take the protection of our patients’ information very seriously and sincerely apologize for any concern or inconvenience this incident has caused or may cause to anyone who has been affected,” said Dr. Marlow Hernandez-Cano, Chief Executive Officer. “We are committed to continuously updating our information security to guard against new and emerging threats.”
Cano Health will continue working with its IT professionals to identify additional measures it can take to further strengthen security. In addition, the company has notified law enforcement and will cooperate with any investigation.
Individuals potentially affected by the incident are being provided written notification from Cano Health. It recommends that they regularly review and monitor their personal information, accounts, and benefits statements and provides steps to correct information, if so needed. . Individuals may also file a report with law enforcement, their state attorney general, and/or the Federal Trade Commission. As an added precaution to help patients whose financial information may have been affected, Cano Health is offering complimentary credit monitoring services at no cost.
Those who believe they may have been affected by this incident may call Cano Health at 305.767.2429 for more information. Representatives are available Monday through Friday from 6:00 a.m. until 4:00 p.m. PT. (9:00 a.m. until 7:00 p.m. ET).
About Cano Health
Cano Health, LLC operates primary care centers and pharmacies in Florida that specialize in Primary Care for Seniors. As part of its care coordination, Cano Health provides sophisticated, high- touch Population Health Management Programs including patient-centric programs such as home visits, telehealth, transition of care, and high risk & complex care management. Cano Health’s personalized patient care and proactive approach to wellness and preventive care is what sets them apart. For more information visit www.canohealth.com.
DataBreaches.net sent Cano’s media contact an email inquiry as to how Cano discovered the breach on April 13, whether the forwarding email address was U.S. or non-U.S., and how many patients were being notified, and will update this post when a response is received.