Redwood Eye Center Provides Notification of Data Security Incident
VALLEJO, CALIFORNIA – December 6, 2018– Redwood Eye Center (“Redwood”), an ophthalmology practice located in Vallejo California, has become aware of a data security incident that may have involved protected health information belonging to its patients. Redwood has mailed notification letters to the potentially impacted individuals to notify them of the incident and to provide resources to assist them.
On September 20, 2018, Redwood learned that on September 19, 2018, the third-party vendor that hosts and stores Redwood’s electronic medical records experienced a data security incident that affected records pertaining to Redwood patients. Upon learning of the incident, Redwood worked with the third-party vendor to investigate the incident, which in turn consulted a digital forensic firm. Redwood also consulted with a specialized medical software vendor. Redwood’s investigation determined that the incident may have involved patient information, including patient names, addresses, dates of birth, health insurance information, and medical treatment information.
Redwood takes the security of information belonging its patients very seriously and has taken steps to prevent a similar event from occurring in the future. These steps include changing medical record hosting vendors and enhancing the security of patient information.
The notification letters being mailed to potentially-impacted individuals include information about the incident and steps they can take to monitor and protect their personal information. Redwood has established a toll-free call center to answer questions about the incident and to address related concerns. The call center is available Monday through Friday from 6:00 a.m. to 6:00 p.m., PST and can be reached at 888-595-6390. Redwood patients who believe they may have been affected by the incident can protect themselves by placing a fraud alert or a security freeze on their credit files.
The privacy and protection of patient information is a top priority. Redwood deeply regrets any inconvenience or concern that this incident may cause.
The following information is provided to help patients or others wanting more information about steps that they can take to protect themselves:
What steps can I take to protect my personal information?
• If you detect any suspicious activity on any of your persona financial accounts, you should promptly notify the financial institution or company with which the account is maintained. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
• Obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is listed at the bottom of this page.
• Please notify your financial institution immediately of any unauthorized transactions made or new accounts opened in your name.
• You can take steps recommended by the Federal Trade Commission to protect yourself from identify theft. The FTC’s website offers helpful information at www.ftc.gov/idtheft.
• Additional information on what you can do to better protect yourself is included in your notification letter.
How do I obtain a copy of my credit report?
You can obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To order your credit report, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is included in the e-mail and letter, and is also listed at the bottom of this page:
How do I put a fraud alert on my account?
You may consider placing a fraud alert on your credit report. This fraud alert statement informs creditors to possible fraudulent activity within your report and requests that your creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact Equifax, Experian or TransUnion and follow the Fraud Victims instructions. To place a fraud alert on your credit accounts, contact your financial institution or credit provider. Contact information for the three nationwide credit reporting agencies is included in the letter and is also listed at the bottom of this page.
Contact information for the three nationwide credit reporting agencies is as follows:
Equifax Security Freeze
PO Box 105788
Atlanta, GA 30348
Experian Security Freeze
PO Box 9554
Allen, TX 75013
PO Box 2000
Chester, PA 19022