HIPAA

NOTICE OF HIPAA BREACH AFFECTING ACHIEVING CHANGE TOGETHER (ACT) PROGRAM PARTICIPANTS

To Whom It May Concern:

SHIELDS For Families is hereby notifying you of the recent theft of your personal information. We became aware of this breach on 2/28/12. We believe the breach occurred on or around 2/27/12. The incident occurred as follows:

After operating hours on 2/27/12, an unknown person or persons gained access to the second-floor attic area of our Achieving Change Together (ACT) program located at 9624 S. Compton Avenue, Los Angeles, CA 90002. The person or persons stole the program’s computer server, where personal information was stored, and other server components. The theft was discovered on February 28, 2012, when a staff member could not access the server’s software. A subsequent inspection of the attic area revealed that the server, monitor and keyboard had been stolen. The police were notified on February 28, 2012 and a police report is on file. The identity of the person(s) responsible for the theft is still unknown.

We believe that as a result of the theft you and your family’s privileged health information was compromised. Examples of privileged health information include date of birth, address, treatment plans, and other types of personal information.

SHIELDS for Families conducted an exhaustive search, but was unable to identify the person or persons responsible for the theft. We deeply regret what has happened and if the culprit(s) are identified we will be seeking the severest penalties possible under HIPAA and CFR 42, Part 2.

To help ensure that you and your family’s personal information is not being used inappropriately, we recommend that you take the following steps:

    1. Call the toll-free numbers of any of the three major credit bureaus listed below. This can help prevent an identify thief from opening accounts in your name(s). As soon as the credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified to place alerts on your credit report, and all three reports will be sent to you free of charge. The three credit reporting bureaus are:
        • Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
        • Experian: 1-888-397-3742; www.experian.com; P.O. Box 9532; Allen, TX 75013
        • TransUnion: 1-800-680-7289; www.experian.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
    2. Order your credit reports. These companies will provide you with at least one free credit report. By establishing a fraud alert, you will receive a follow-up letter that will explain to you how you can receive a free copy of your credit report. When you receive your credit report, examine it closely and look for signs of fraud, such as credit accounts that are not yours.
    3. Continue to monitor your credit reports. Even though a fraud alert will be placed on your account, you should continue to monitor your credit reports to ensure someone else has not opened an account with your personal information.
    4. Be alert to any one who might have information about you that in normal circumstances would not or should not have personal or private information about you or your family. If you suspect someone, immediately notify Christopher Igonia-Mock, HIPAA Compliance Officer, at (323) 242-5000, extension 1274, or toll-free at 866-400-9439.

SHIELDS for Families sincerely apologizes for any problem this situation may cause you. We take very seriously our role in safeguarding you and your family’s personal information and using it only in the most appropriate manner. To better safeguard this information, we have taken the following steps:

  1. We moved the new server to a secure location;
  2. We will ensure that whomever enters the room where the new server is stored signs a log sheet;
  3. We installed a new lock on the room where your personal information is stored;
  4. Staff will check to ensure all program offices are locked at the end of the business day.

We ask and encourage you to talk or email any questions or concerns that you have to Christopher Igonia-Mock, HIPAA Compliance Officer, at (323) 242-5000, extension 1274, toll-free at 866-400-9439, or email him atcmock@shieldsforfamilies.org. You may also mail correspondence to SHIELDS for Families, 11601 South Western Ave, Los Angeles, CA 90047.

Sincerely,

Christopher Igonia-Mock
HIPAA Compliance Officer