Peachtree Immediate Care is committed to protecting the privacy and security of patient information, and as part of this commitment, we are making certain individuals aware of a recent incident that may have impacted their personal information.
On October 5, 2020, Peachtree Immediate Care became aware that as a result of a phishing email sent to an employee, an unauthorized agent accessed the employee’s email account without her knowledge. The employee has access to limited amounts of patient information as necessary to perform her job functions.
Upon discovering the incident, Peachtree Immediate Care took immediate steps to secure the email account. We also began an investigation to determine how the incident occurred and engaged an outside data security firm to assist in this investigation.
We determined that as a result of the phishing incident, information for approximately 1,500 patients pertaining to certain laboratory tests that were performed at the practice between February 20 and July 30, 2020 may have been accessed. The types of information that may have been accessed include patient names, the type of laboratory test performed, the date of the test, and the amount of outstanding payment owed for the service. The information did not include test results, treatment information, or any patient addresses, dates of birth, social security numbers or credit card information.
In addition to conducting an investigation to determine how the incident occurred and what information was involved, our information technology support team is taking steps to help prevent recurrences, including providing additional security-related training to employees regarding technical controls and updating our procedures.
Peachtree Immediate Care takes information security and patient privacy very seriously. We deeply regret this situation and any inconvenience this may cause our patients. Although we do not have any evidence that patient information has actually been accessed or improperly used, we are encouraging affected individuals to take precautions to protect the security of their personal information. We recommend that they promptly report any suspicious activity or suspected identity theft to law enforcement or their state’s attorney general. We also recommend that individuals remain vigilant to prevent identity theft and fraud by monitoring credit reports and financial institution and other account statements. Individuals have rights under the federal Fair Credit Reporting Act, including the right to request a credit score. A summary of these rights can be found on the Federal Trade Commission’s website at https://www.consumer.ftc.gov/articles/pdf-0096-fair-credit-reporting-act.pdf.
Individuals wishing to find out if their information was affected by this incident may contact us at (888)998-2497. You may also mail us at:
Attention Privacy and Data Officer
2675 Paces Ferry Rd, Suite 200
Atlanta, GA 30339