Notice of data privacy event
A Notice to Our Patients
Sharp HealthCare is committed to protecting the confidentiality and security of our patients’ information. Regrettably, we recently identified and addressed a security incident involving some of that information.
On January 12, 2023, we identified suspicious activity on a server that runs the Sharp.com website. We immediately initiated our incident response protocols, which included taking potentially impacted servers offline. We also began an investigation with the assistance of a forensic technology firm. The investigation determined that an unauthorized person gained access to the website server for a few hours on January 12, 2023. During that time, the unauthorized person gained access to a file containing certain patients’ information. While it varied from person to person, the information contained in the file was limited to patient names, internal Sharp identification numbers and/or invoice numbers, payment amounts, and the names of the Sharp facilities receiving the payments.
The information did not include bank account or credit/payment card information, Social Security numbers, contact information, health insurance information, dates of birth, clinical information, department name, provider name, or information about the services received. Additionally, this incident did not involve unauthorized access to Sharp’s medical record systems or the FollowMyHealth® patient portal.
Please note, this incident did not affect all Sharp patients, but only those who paid a bill or invoice using the online bill payment service between Aug. 12, 2021, and Jan. 12, 2023.
We have no indication that anyone’s information has been misused. However, as a precaution, we are mailing notification letters to individuals whose information was involved in this incident. We have also established a dedicated, toll-free call center to answer questions that individuals may have about the incident. If you have questions, please call 1-833-753-3819, Monday through Friday, from 6:00 a.m. to 6:00 p.m. Pacific Time. We recommend that affected individuals review statements they receive from their healthcare providers. If they see charges for services they did not receive, they should contact the provider immediately.
We regret any concern or inconvenience this incident may cause, and remain committed to protecting the confidentiality and security of our patients’ information. We have enhanced the security tools on our website servers to help prevent this from happening in the future, and will continue to monitor our systems to proactively identify additional safeguards.