Inmediata Health Group, Corp. (“Inmediata”) recently became aware of a data security incident that may have involved the limited personal and medical information of some of its customers’ patients. Inmediata is directly mailing notification letters to individuals who may have been affected by this incident and to provide resources to assist them.
In January 2019, Inmediata became aware that some electronic health information was viewable online due to a webpage setting that permitted search engines to index internal webpages that Inmediata uses for business operations. Immediately after Inmediata became aware of the incident, the company deactivated the website and engaged an independent computer forensics firm to assist with an investigation. Based on the current findings of the ongoing investigation, Inmediata has no evidence that any files were copied or saved. In addition, Inmediata has yet to discover any evidence to suggest that any information potentially involved in this incident has been subject to actual or attempted misuse.
The information potentially involved in this incident may include patients’ names, addresses, dates of birth, gender, and medical claim information. A very small group of the potentially impacted people may have Social Security numbers involved as well. The letters mailed to the affected individuals specifically state what data of theirs may have been impacted.
Although Inmediata is unaware of the misuse of any involved information, out of an abundance of caution, Inmediata began mailing notification letters to the potentially affected individuals directly on April 22, 2019. The notification letters also include information about the incident and steps potentially affected individuals can take to monitor and protect their personal information. Inmediata has a toll-free call center established to answer questions about the incident and related concerns.