Privacy and Breach Alerts

To protect the privacy rights of its patients, UPMC on Nov. 27 announced that it is alerting nearly 1,300 people treated at various UPMC locations over the past year that their records were viewed inappropriately by a UPMC McKeesport employee. Patient care was not affected. Please read the press release.

The employee has been terminated, and local and federal authorities have been alerted.  Additionally, UPMC has notified the U.S. Department of Health and Human Services as required by the federal Health Insurance Portability and Accountability Act (HIPAA). UPMC is providing additional training to employees and continuing its own review with the aim of enhancing its privacy policies and procedures.

The now former employee accessed patient medical records — including patients’ names, dates of birth, contact information, treatment and diagnosis information, and Social Security numbers — without a valid reason to do so. Patients who have any questions or concerns about this issue can contact the UPMC Office of Patient and Consumer Privacy at 412-647-6286.

IDENTITY THEFT RESOURCES

  1. Place a fraud alert on your credit reports, and review your credit reports.

    Fraud alerts can help prevent an identity thief from opening any additional accounts in your name. Contact any of the three consumer reporting companies below to place a fraud alert on your credit report. You need to contact only one of the three companies to place an alert. The company you call is required to contact the other two. This will allow the two companies you do not call to place an alert on their versions of your report.

    Equifax www.equifax.com
    Experian www.experian.com
    TransUnion www.transunion.com

    Once you place a fraud alert, you're entitled to order free copies of your credit reports. Once you obtain your credit reports, review them carefully. Look for inquiries from companies you haven't contacted, accounts you didn't open, and any debits on your accounts that look suspicious.  Verify that personal information, such as your Social Security number (SSN), address(es), name or initials, and employers is correct. If you find incorrect information, have it corrected or removed.

  2. Close the accounts that you believe have been tampered with or opened fraudu­lently.

    Call to speak with someone in the security or fraud department of each company. Follow up in writing, and include copies of supporting documents. It's important to notify credit card companies and banks in writing. Send your letters by certified mail, return receipt requested, so you can document what the company received and when. Keep a file of your correspondence and enclosures.

    When you open new accounts, use new PIN numbers and passwords. Avoid using information such as your mother's maiden name, your birth date, the last four digits of your SSN, or your phone number.

    If the identity thief has made charges or debits on your accounts, or on fraudulently opened accounts, ask the company for the forms to question those transactions:

    • For charges and debits on existing accounts, ask the representative to send you the com­pany's fraud dispute forms. Write to the company at the address given for billing inquiries. Do not send your correspondence to the address to which you usually send payments. 
    • For new unauthorized accounts, ask the representative to send you the company's fraud dispute forms. If the company already has reported these accounts or debits on your credit report, dispute this fraudulent information.

    Once you have resolved your identity theft dispute with the company, ask for a letter stating that the company has closed the disputed accounts and has discharged the fraudu­lent debits. This letter is your best proof if errors relating to this account reappear on your credit report or you are contacted again about the fraudulent debit.

  3. File a police report 

    The next step is to file a police report.  Get a copy of the police report or the number of the report. It can help you deal with creditors who need proof of the crime. If the police are   reluctant to take your report, ask to file a "Miscellaneous Incidents" report, or try contacting your state police. You also can check with your state attorney general's office to find   out if state law allows you to file a report through the state.

  4. File a complaint with the Federal Trade Commission (FTC) www.ftc.gov

    Filing a complaint with the FTC will provide necessary information that can help law enforcement officials across the nation track down identity thieves. The FTC can refer victims' complaints to other government agencies and companies for further action, as well as investigate companies for violations of laws the agency enforces.

For More Information

Federal Trade Commission (FTC) www.ftc.gov
The FTC provides a wide variety of materials on its website regarding personal information privacy

Department of Justice (DOJ) www.justice.gov
The DOJ and its U.S. attorneys prosecute federal identity theft cases.

Federal Bureau of Investigation (FBI) www.fbi.gov
The FBI, a criminal law enforcement agency, investigates cases of identity theft. The FBI recog­nizes that identity theft is a part of many crimes, including bank, mail, wire, bankruptcy and insurance fraud, fraud against the government, and terrorism.

U.S. Secret Service (USSS) http://www.secretservice.gov
The U.S. Secret Service investigates financial crimes, which may include identity theft. Although the Secret Service generally investigates cases involving large dollar loss, your information may provide evidence of a larger pattern of fraud requiring their involvement.

©  UPMC | Affiliated with the University of Pittsburgh Schools of the Health Sciences
Supplemental content provided by A.D.A.M. Health Solutions. All rights reserved.

For help in finding a doctor or health service that suits your needs, call the UPMC Referral Service at 412-647-UPMC (8762) or 1-800-533-UPMC (8762). Select option 1.

UPMC is an equal opportunity employer. UPMC policy prohibits discrimination or harassment on the basis of race, color, religion, ancestry, national origin, age, sex, genetics, sexual orientation, marital status, familial status, disability, veteran status, or any other legally protected group status. Further, UPMC will continue to support and promote equal employment opportunity, human dignity, and racial, ethnic, and cultural diversity. This policy applies to admissions, employment, and access to and treatment in UPMC programs and activities. This commitment is made by UPMC in accordance with federal, state, and/or local laws and regulations.

Medical information made available on UPMC.com is not intended to be used as a substitute for professional medical advice, diagnosis, or treatment. You should not rely entirely on this information for your health care needs. Ask your own doctor or health care provider any specific medical questions that you have. Further, UPMC.com is not a tool to be used in the case of an emergency. If an emergency arises, you should seek appropriate emergency medical services.

For UPMC Mercy Patients: As a Catholic hospital, UPMC Mercy abides by the Ethical and Religious Directives for Catholic Health Care Services, as determined by the United States Conference of Catholic Bishops. As such, UPMC Mercy neither endorses nor provides medical practices and/or procedures that contradict the moral teachings of the Roman Catholic Church.

© UPMC
Pittsburgh, PA, USA UPMC.com