Notification to Our Patients of Phishing Incident
Kaleida Health is committed to maintaining the privacy and security of our patients’ information. Regrettably, this notice is to inform you of an incident involving some of that information.
On May 24, 2017, we learned that an unauthorized third party potentially accessed a Kaleida Health employee’s email account. We immediately began an investigation, including hiring a leading outside computer forensic firm to assist it. The investigation determined that an unauthorized third party may have gained access to a small number of Kaleida Health email accounts, which may have included patients’ names, medical record numbers, dates of birth, diagnoses, treatment information, or other clinical information. Social Security numbers and financial information were not contained in the email accounts.
We have no indication that any of the information has been used inappropriately. However, we began mailing letters to affected patients on July 21, 2017 and have established a dedicated call center to answer any questions. If you believe you may be affected and have not received a letter by August 11, 2017 or have additional questions, please call 1-866-779-0488, Monday through Friday between 9:00 a.m. and 6:00 p.m. Eastern Time.
We regret any inconvenience or concern this may cause our patients. To help prevent something like this from happening in the future, we continue to enhance our security measures relating to protection of patient information.