Sunrise Medical Laboratories, Inc. notifies patients of data security incident
July 16, 2019
HICKSVILLE, N.Y., July 15, 2019 /PRNewswire/ -- Sunrise Medical Laboratories, Inc. ("SML") has been informed by Retrieval Masters Creditors Bureau d/b/a American Medical Collection Agency ("AMCA") of a data security incident involving the AMCA payment website. AMCA is an independent collection agency that SML and many other entities used for debt collection. The incident is limited to AMCA's systems. The security of SML's systems was not affected by this incident.
According to AMCA, on March 21, 2019, AMCA became aware of facts indicating there had been a data security incident. After conducting an investigation, in May of 2019, AMCA notified SML about the incident and informed SML that an AMCA database containing information for some SML patients had been affected. However, at the time of AMCA's initial notification, AMCA did not provide SML with enough information for SML to identify potentially affected patients or confirm the nature of patient information potentially involved in the incident, and SML's investigation is on-going. Based on the information provided by AMCA, the following information belonging to SML patients may have been affected by the incident: patient names, addresses, phone numbers, dates of birth, dates of service, balance information, credit card or banking information and treatment provider information. AMCA has advised SML that its patients' social security numbers were not involved in the incident. SML does not provide AMCA healthcare records such as laboratory results and clinical history.
In response to the breach, AMCA sent notification letters to approximately 15,000 SML patients informing them that their names, addresses, phone numbers, dates of birth, dates of service, balance information, credit card or banking information and treatment provider information may have been impacted. In addition, based on the investigation and the information provided by AMCA, SML estimates that approximately another 412,000 patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information impacted by this incident. For these patients, credit card and banking information is not impacted. The impact of this incident is limited to patients whose accounts were referred for debt collection and who reside in the United States.
Individuals with questions about this incident or questions about precautionary steps they can take may call 833-300-6926 for additional information.
SML takes the security of its patients' information very seriously, including the security of data handled by vendors. As a result of the investigation, SML is no longer using AMCA for collection efforts.
The privacy and protection of patient information is a top priority. SML greatly appreciates the patience and loyalty of its patients as it works to respond to this incident.
SOURCE Sunrise Medical Laboratories, Inc.