St. Francis Physicians Services notifies patients of data breach

St. Francis Physicians Services began notifying patients Friday of a data breach.

The incident involved Milestone Family Medicine, which was once part of SFPS. 

The letters sent to patients said an unauthorized individual gained access to some systems at the doctor’s office on January 4. The letter also stated that SFPS immediately launched an investigation and took steps to secure the account.

The investigation revealed patient information was contained on the system and may have included some patients’ names, dates of birth, addresses, health insurance company and social security numbers. 

SFPS said there is no indication that any patient information has been misused.

They have offered complimentary credit monitoring and identity protection services to those patients whose social security numbers were included in the affected system. 

A spokesperson for SFPS said the affiliation between Milestone Family Practice and St. Francis Physician Services ended on February 24. They said the decision was made prior to the breach and that the decision was unrelated. 

SFPS released the following statement about the data breach:

St. Francis Physician Services (“SFPS”) announced today that it is sending letters to patients about a recent incident involving Milestone Family Medicine.

On January 4, 2019, SFPS learned an unauthorized individual gained access to some systems at Milestone Family Medicine. SFPS immediately took steps to secure the account and began an investigation. The investigation determined some patient information was contained on one of the systems and may have included some patients’ names, dates of birth, addresses, health insurance company, social security number and information related to care patients received at Milestone Family Medicine.

Although SFPS has no indication that any patient information has been misused, it is mailing letters to affected patients and is offering complimentary credit monitoring and identity protection services to those patients whose social security numbers were included in the affected system. SFPS recommends affected patients review statements they receive from their health care providers. If they see charges for services they did not receive, please contact the provider immediately.

SFPS deeply regrets any concern this may cause. To help prevent something like this from happening in the future, SFPS is enhancing technology management and information security risk oversight. If patients have questions about the incident, they may call 1-877-239-1255, Monday through Friday, 9 a.m. to 9 p.m. Eastern Time.