Notice to Our Patients Regarding Email Incident at UW Health
UW Health is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice concerns an incident involving some of that information.
On March 28, 2017, we learned that on March 16, 2017, an unauthorized individual gained access to a UW Health employee’s credentials and email account. We immediately began an investigation, disabled the account, and reset the email user’s password. We conducted a thorough review of the employee’s email account and confirmed that some of the emails contained patient information which may have included patients’ names; addresses; dates of birth; dates of service; providers’ names; reason for visit; medical history and conditions, medications; diagnostic results and/or social history. Patients’ medical records, Social Security numbers, credit card numbers, health insurance numbers, or other financial information were not included in the emails.
We have no indication that the information in the emails has been used in any way; however, as a precaution, we began mailing letters to affected patients on May 25, 2017, and have established a dedicated call center to answer any questions patients may have. If you believe you may be affected and have not received a letter by June 8, 2017, or if you have any questions regarding this incident, please call 1-888-742-9174 Monday through Friday between 8am and 8pm Central Time.
We regret any inconvenience or concern this may cause our patients. To help prevent something like this from happening in the future, we are reviewing the incident and reinforcing educational efforts with employees and providers regarding emails and patient confidentiality.
Date Published: 05/26/2017