Website Notice to Our Patients

Emory Healthcare is dedicated to serving our patients' health care needs, and that includes safeguarding the confidentiality and privacy of our patients' personal information. We were recently informed of an incident that involves patients' health data. The details of this incident and the services we are offering to help protect affected patients are noted below.

For affected patients whose addresses we have, we sent notice of this issue through the U.S. mail. This web notice is to alert patients who may be affected, but for whom we do not have a postal address. If you did not receive a letter and think this situation may apply to you, please call 1-855-205-6950.

On February 20, 2012, we discovered that 10 backup data discs containing information about some of our surgical patients treated between September 1990 and April 2007 were missing from their storage location at Emory University Hospital. As soon as we discovered the discs were missing, we launched an extensive search and investigation, and we are continuing those efforts. There is no indication that this information has been or will be misused. It is also important to note that this incident was not a breach or "hacking" of our computer systems.

The investigation revealed the discs were removed from their storage location sometime between February 7, 2012, and February 20, 2012. The discs contained data from a software system that was deactivated in 2007, but may have contained the Social Security numbers, names, addresses, dates of birth and clinical information of affected patients. The information is related to surgery patients treated at Emory University Hospital, Emory University Hospital Midtown (formerly Emory Crawford Long Hospital) and The Emory Clinic Ambulatory Surgery Center between September 1990 and April 2007. It did not contain information for patients treated at any other Emory Healthcare facilities or after April 2007.

We have taken immediate steps to fortify the protective measures that are already in place. New and enhanced data control measures have been implemented accordingly.

Patients affected by this incident may enroll for one year of free credit monitoring services. Please call the toll-free number listed below to determine if your information was affected. The Reference Guide linked here provides recommendations by the U.S. Federal Trade Commission on how to further protect personal information. For example, affected patients may want to place a fraud alert on their credit files.

We take our obligation to safeguard personal information very seriously. Therefore, we are alerting our patients so that they can take steps to further protect themselves. We encourage affected patients to remain vigilant and to carefully review their account statements and monitor their credit reports. You are entitled under U.S. law to one free credit report annually from each of the three national credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free at 1-877-322-8228.

If you have any additional questions, you may call the Emory Healthcare Support Center at 1-855-205-6950, 9 a.m. to 6 p.m. (Eastern Daylight Time), Monday through Friday.

Again, we sincerely regret this situation and any inconvenience this may cause our patients. We hope that the support services offered to affected patients help demonstrate our commitment to protecting patient information and the value we place on our patient relationships.

Sincerely,

John T. Fox Anne Adams
President & CEO Chief Privacy Officer
Emory Healthcare Emory Healthcare