Broward Health has sent letters to approximately 960 former patients notifying them of a data breach that involved their personal information. The data was removed from Broward Health Medical Center by an employee who no longer works at the hospital and was discovered during a law enforcement investigation.
Broward Health has been cooperating with local and federal law enforcement since June 2013 to investigate the incident, identify those responsible, identify the potentially affected individuals and information, and to take steps to reduce the risk to patient information security. Broward Health continues to work with authorities to identify any inappropriate use of personal data. The data removal is believed to have occurred between October and December 2012.
Broward Health is strengthening procedures surrounding the protection of personal information and re-educating staff members. The hospital system has completed an internal investigation and is reviewing and enhancing safeguards to better ensure the security of patient information.
Frequently Asked Questions
Based on information provided by law enforcement, Broward Health conducted an investigation into the removal of patient personal information. The investigation found that an individual – a Broward Health employee at the time – inappropriately removed registration face sheets from the hospital. Employees are prohibited from removing protected patient information from Broward Health property.
What information is included on face sheets?
Face sheets contain basic identifying information, including name, address, date of birth, insurance policy numbers, and reason for visit. Some health insurance plans, such as Medicare and Medicaid, use social security numbers as insurance policy numbers. Face sheets currently display only the last four digits of the patient’s social security number. Face sheets do not contain test results. We have no indication that medical records were compromised or are at risk.
When did Broward Health learn of the issue?
Broward Health has been working with local and federal law enforcement since June 2013. Our investigation began as quickly as reasonably possible while maintaining all appropriate safeguards and precautions.
Who potentially may be affected?
Patients who visited Broward Health Medical Center between October 2012 and December 2012 may be affected by this incident. Broward Health has no indication patients seen at other Broward Health facilities are affected.
How will those affected be notified?
Patients who may have been affected will receive an individual notification letter, mailed to the address provided on their last visit. The letter will contain information about identity theft protection.
What actions has Broward Health taken?
Broward Health is strengthening procedures surrounding the protection of personal information and re-educating staff members.
Where can I find more information?
This page is the primary source of information for this incident. Broward Health has also established a toll-free number, 855-209-5295 that affected individuals may call for additional information. This toll-free incident line is available 24 hours per day until December 31, 2013.
If you have additional questions, you may contact the Broward Health Corporate Compliance Department at 954-847-4295.
I received a letter, what can I do to protect my credit?
It’s important to understand that a breach of your personal information does not mean you will experience identity theft. You should, however, take steps to protect your credit. You should get a copy of your credit report and review it for unusual activity and/or accounts, including credit cards you have not opened or listed addresses that are not yours.
You may order one credit report from each of the three nationwide consumer credit reporting companies by visiting annualcreditreport.com, or calling 1-877-322-8228.
You may individually order your credit report from each of the three consumer credit reporting companies at the same time, or you may order your report from each company one at a time. Since the law allows you to order one free copy of your report from each of the three companies every 12 months, the recommended approach is to order one copy from a different reporting company every four months. This staggered approach will allow you to review and monitor your information free of charge once every four months. For additional information, visit the State of Florida Office of the Attorney General Identity Theft Resource and Response Center website.
The contact information for the three nationwide consumer credit reporting companies is:
What is a fraud alert?
A fraud alert is a special message placed on your credit report that tells a credit issuer when inquiring about a consumer’s credit that there may be fraud on the account. Before extending new credit, the creditor will call you to confirm that you have applied for such credit. A fraud alert is generally placed on your account for a 90-day period.
How do I place a fraud alert on my file?
To place a fraud alert on your file, you may call one of the consumer credit reporting companies and make the request. The company you call will automatically forward the fraud alert to the other two. Once the fraud alert is placed on your file, you should receive a confirmation letter from all three credit bureaus. This letter also will contain instructions on how to order a free credit report. Once you receive your report, if you feel something is incorrect or suspicious, call the bureau at the phone number provided on the report.
Will a fraud alert interfere with the use of my credit cards or with obtaining new credit?
No, it will not stop you from using your credit cards. However, it may slow the process of obtaining new credit. Since the purpose of the fraud alert is to protect you from someone else establishing credit in your name, creditors will need to re-verify the identity of the person applying for credit.