Baptist Medical Center & Resolute Health Hospital
Baptist Medical Center & Resolute Health Hospital
Informational Website
Su información personal puede haber estado involucrada en un incidente de datos. Si desea recibir una version de esta carta en español, por favor llame 1-833-423-2986.
ENROLL NOW
FREQUENTLY ASKED QUESTIONS
Notice of Data Security Incident
06/17/2022 — This notice provides information about a recent cybersecurity incident that affected Baptist Medical Center and Resolute Health Hospital, from which individuals may have received services at one of our locations in Texas (collectively “we”). We are committed to protecting your information. This commitment includes notifying you if we believe that an incident may have involved your personal information. This notice provides information about the incident and the resources available to you.
What happened?
On April 20, 2022, it was discovered that certain systems within our network may have been infected with malicious code as a result of potentially unauthorized activity. In response to this incident, user access was immediately suspended to impacted information technology applications, extensive cybersecurity protection protocols were executed, and steps were quickly taken to restrict further unauthorized activity. In parallel, an investigation of the incident was immediately launched, and a national forensic firm was engaged to assist with investigation and remediation efforts. Although the investigation is ongoing, it has been determined that an unauthorized third party was able to access certain systems that contained personal information and remove some data from the network between March 31, 2022 and April 24, 2022. As a result of this review, it appears that your personal information may have been involved.
What information may have been involved?
Based on the review, the personal information involved in this incident may have included one or more of the following elements: (1) demographic information to identify and contact you, such as full name, date of birth, and address; (2) Social Security number; (3) health insurance information, such as name of insurer/government payor, policy and/or group number; (4) medical information, such as medical record number, dates of service, provider and facility names, chief complaint or reason for visit, and other visit, procedure and diagnosis information; and (5) billing and claims information, such as account and/or claim status, billing and diagnostic codes, and payor information. Your driver’s license number, credit and debit card information, bank account information and account passwords were not involved in this incident. Please note that not all data elements were involved for all individuals.
What we are doing.
We take the security of personal information seriously. As soon as the incident was discovered, a forensic investigation was immediately launched, law enforcement was contacted, and steps were taken to mitigate and remediate the incident and to help prevent further unauthorized activity. In response to this incident, security and monitoring capabilities are being enhanced and systems are being hardened as appropriate to minimize the risk of similar incidents in the future.
Individuals affected by this incident are being mailed notice letters. Since it is possible there may be insufficient contact information for some individuals, notice is being provided on the Baptist Medical Center and Resolute Health Hospital websites as permitted by HIPAA.
Complimentary credit monitoring and identity protection services are being offered to those whose Social Security number was potentially involved. There is a deadline of September 17, 2022 to activate these services, and instructions on how to activate these services are included in the notice letters sent to affected individuals. For additional information, please call the toll-free number listed below.
What you can do.
In addition to enrolling in the complimentary credit monitoring and identity protection services if you are eligible, the Additional Resources section at the top of this page includes additional information on general steps you can take to monitor and help protect your personal information. Please review the Additional Resources. We also encourage you to carefully review statements sent from healthcare providers and insurance companies to ensure that all of your account activity is valid. Any questionable charges should be promptly reported to the provider or company with which you maintain the account.
For more information
For the next 90 days, if you have any questions about this matter or would like additional information (including which types of your data may have been involved and whether you are eligible for complimentary credit monitoring and identity protection services), please call toll-free 1-833-423-2986. This call center is open from 9 am – 9 pm Eastern Time, Monday through Friday, except holidays. This substitute notice and toll-free number will remain active for at least 90 days.
We deeply regret any concern this incident may cause you and want to assure you that we take this matter seriously.
Informational Website
Su información personal puede haber estado involucrada en un incidente de datos. Si desea recibir una version de esta carta en español, por favor llame 1-833-423-2986.
ENROLL NOW
FREQUENTLY ASKED QUESTIONS
Notice of Data Security Incident
06/17/2022 — This notice provides information about a recent cybersecurity incident that affected Baptist Medical Center and Resolute Health Hospital, from which individuals may have received services at one of our locations in Texas (collectively “we”). We are committed to protecting your information. This commitment includes notifying you if we believe that an incident may have involved your personal information. This notice provides information about the incident and the resources available to you.
What happened?
On April 20, 2022, it was discovered that certain systems within our network may have been infected with malicious code as a result of potentially unauthorized activity. In response to this incident, user access was immediately suspended to impacted information technology applications, extensive cybersecurity protection protocols were executed, and steps were quickly taken to restrict further unauthorized activity. In parallel, an investigation of the incident was immediately launched, and a national forensic firm was engaged to assist with investigation and remediation efforts. Although the investigation is ongoing, it has been determined that an unauthorized third party was able to access certain systems that contained personal information and remove some data from the network between March 31, 2022 and April 24, 2022. As a result of this review, it appears that your personal information may have been involved.
What information may have been involved?
Based on the review, the personal information involved in this incident may have included one or more of the following elements: (1) demographic information to identify and contact you, such as full name, date of birth, and address; (2) Social Security number; (3) health insurance information, such as name of insurer/government payor, policy and/or group number; (4) medical information, such as medical record number, dates of service, provider and facility names, chief complaint or reason for visit, and other visit, procedure and diagnosis information; and (5) billing and claims information, such as account and/or claim status, billing and diagnostic codes, and payor information. Your driver’s license number, credit and debit card information, bank account information and account passwords were not involved in this incident. Please note that not all data elements were involved for all individuals.
What we are doing.
We take the security of personal information seriously. As soon as the incident was discovered, a forensic investigation was immediately launched, law enforcement was contacted, and steps were taken to mitigate and remediate the incident and to help prevent further unauthorized activity. In response to this incident, security and monitoring capabilities are being enhanced and systems are being hardened as appropriate to minimize the risk of similar incidents in the future.
Individuals affected by this incident are being mailed notice letters. Since it is possible there may be insufficient contact information for some individuals, notice is being provided on the Baptist Medical Center and Resolute Health Hospital websites as permitted by HIPAA.
Complimentary credit monitoring and identity protection services are being offered to those whose Social Security number was potentially involved. There is a deadline of September 17, 2022 to activate these services, and instructions on how to activate these services are included in the notice letters sent to affected individuals. For additional information, please call the toll-free number listed below.
What you can do.
In addition to enrolling in the complimentary credit monitoring and identity protection services if you are eligible, the Additional Resources section at the top of this page includes additional information on general steps you can take to monitor and help protect your personal information. Please review the Additional Resources. We also encourage you to carefully review statements sent from healthcare providers and insurance companies to ensure that all of your account activity is valid. Any questionable charges should be promptly reported to the provider or company with which you maintain the account.
For more information
For the next 90 days, if you have any questions about this matter or would like additional information (including which types of your data may have been involved and whether you are eligible for complimentary credit monitoring and identity protection services), please call toll-free 1-833-423-2986. This call center is open from 9 am – 9 pm Eastern Time, Monday through Friday, except holidays. This substitute notice and toll-free number will remain active for at least 90 days.
We deeply regret any concern this incident may cause you and want to assure you that we take this matter seriously.
