Allergy Partners is committed to protecting the confidentiality and security of our patients’ information. Regrettably, this notice concerns a security incident that may have involved some of that information for a specific group of patients.
On February 23, 2021, Allergy Partners identified unusual network activity. We immediately took steps to secure the network and began an investigation with the assistance of a computer forensic firm. On February 24, 2021, the investigation determined that an unauthorized person gained access to the network between January 12, 2021 and February 23, 2021. During that time, the unauthorized person deployed malware and acquired copies of some of the information on our systems. On March 16, 2021, we determined the acquired information also included documents that contained patient information. We immediately began a comprehensive review of all documents involved. Although the review is ongoing to identify the patients whose information is reflected in these documents, we are aware that for some of our patients, the documents may contain one or more of the following: name, address, date of birth, health insurance information, driver’s license number, Social Security number, financial account numbers, and/or clinical, diagnosis, and/or treatment information.
Once the review is complete, we will mail letters to all patients whose information is identified in the documents involved. We have also established a dedicated, toll-free call center to answer patients’ questions. If you have questions, please call 1-855-916-6190, Monday through Friday, from 9:00 a.m. to 6:30 p.m. Eastern Time. For those patients whose Social Security numbers and/or driver’s license numbers are identified in the documents, we will offer complimentary credit monitoring and identity protection services. We also recommend that affected patients review any statements they receive from their health insurers and health care providers. If patients see charges for services not received, they should contact the insurer or provider immediately.
We regret any concern or inconvenience this incident may cause. We remain committed to protecting the confidentiality and security of patient information. To help prevent something like this from happening again, we are continuing to regularly audit our systems for potential unauthorized activity, and are implementing enhanced network monitoring tools.