Privacy and Breach Alerts

To protect the privacy rights of its patients, on May 15, 2015, UPMC announced about 2,200 people treated at various UPMC emergency departments are being notified in writing that their records may have been illegally disclosed by an employee of Medical Management LLC, an outside medical billing company. MML and its affiliates provide billing services to health care providers throughout the United States, including to UPMC’s physician group Emergency Resource Management Inc. Read the full press release now.

A call center employee — since terminated by MML — has been identified as being responsible for copying certain items of personal information from the billing system over the past two years and then illegally disclosing that information to a third party.

MML is sending letters to patients whose information may have been stolen in this incident. Affected patients who received letters and have any questions should contact Kroll Inc. at 1-855-330-6364, 8 a.m. to 5 p.m. CT.

IDENTITY THEFT RESOURCES

  1. Place a fraud alert on your credit reports, and review your credit reports.

    Fraud alerts can help prevent an identity thief from opening any additional accounts in your name. Contact any of the three consumer reporting companies below to place a fraud alert on your credit report. You need to contact only one of the three companies to place an alert. The company you call is required to contact the other two. This will allow the two companies you do not call to place an alert on their versions of your report.

    Equifax www.equifax.com
    Experian www.experian.com
    TransUnion www.transunion.com

    Once you place a fraud alert, you're entitled to order free copies of your credit reports. Once you obtain your credit reports, review them carefully. Look for inquiries from companies you haven't contacted, accounts you didn't open, and any debits on your accounts that look suspicious.  Verify that personal information, such as your Social Security number (SSN), address(es), name or initials, and employers is correct. If you find incorrect information, have it corrected or removed.

  2. Close the accounts that you believe have been tampered with or opened fraudu­lently.

    Call to speak with someone in the security or fraud department of each company. Follow up in writing, and include copies of supporting documents. It's important to notify credit card companies and banks in writing. Send your letters by certified mail, return receipt requested, so you can document what the company received and when. Keep a file of your correspondence and enclosures.

     

    When you open new accounts, use new PIN numbers and passwords. Avoid using information such as your mother's maiden name, your birth date, the last four digits of your SSN, or your phone number.

    If the identity thief has made charges or debits on your accounts, or on fraudulently opened accounts, ask the company for the forms to question those transactions:

    • For charges and debits on existing accounts, ask the representative to send you the com­pany's fraud dispute forms. Write to the company at the address given for billing inquiries. Do not send your correspondence to the address to which you usually send payments. 
    • For new unauthorized accounts, ask the representative to send you the company's fraud dispute forms. If the company already has reported these accounts or debits on your credit report, dispute this fraudulent information.

    Once you have resolved your identity theft dispute with the company, ask for a letter stating that the company has closed the disputed accounts and has discharged the fraudu­lent debits. This letter is your best proof if errors relating to this account reappear on your credit report or you are contacted again about the fraudulent debit.

  3. File a police report 

    The next step is to file a police report.  Get a copy of the police report or the number of the report. It can help you deal with creditors who need proof of the crime. If the police are   reluctant to take your report, ask to file a "Miscellaneous Incidents" report, or try contacting your state police. You also can check with your state attorney general's office to find   out if state law allows you to file a report through the state.

  4. File a complaint with the Federal Trade Commission (FTC) www.ftc.gov

    Filing a complaint with the FTC will provide necessary information that can help law enforcement officials across the nation track down identity thieves. The FTC can refer victims' complaints to other government agencies and companies for further action, as well as investigate companies for violations of laws the agency enforces.

For More Information

Federal Trade Commission (FTC) www.ftc.gov
The FTC provides a wide variety of materials on its website regarding personal information privacy

Department of Justice (DOJ) www.justice.gov
The DOJ and its U.S. attorneys prosecute federal identity theft cases.

Federal Bureau of Investigation (FBI) www.fbi.gov
The FBI, a criminal law enforcement agency, investigates cases of identity theft. The FBI recog­nizes that identity theft is a part of many crimes, including bank, mail, wire, bankruptcy and insurance fraud, fraud against the government, and terrorism.

U.S. Secret Service (USSS) http://www.secretservice.gov
The U.S. Secret Service investigates financial crimes, which may include identity theft. Although the Secret Service generally investigates cases involving large dollar loss, your information may provide evidence of a larger pattern of fraud requiring their involvement.

©  UPMC | Affiliated with the University of Pittsburgh Schools of the Health Sciences
Supplemental content provided by Healthwise, Incorporated. To learn more, visit Healthwise.org

For help in finding a doctor or health service that suits your needs, call the UPMC Referral Service at 412-647-UPMC (8762) or 1-800-533-UPMC (8762). Select option 1.

UPMC is an equal opportunity employer. UPMC policy prohibits discrimination or harassment on the basis of race, color, religion, ancestry, national origin, age, sex, genetics, sexual orientation, gender identity, marital status, familial status, disability, veteran status, or any other legally protected group status. Further, UPMC will continue to support and promote equal employment opportunity, human dignity, and racial, ethnic, and cultural diversity. This policy applies to admissions, employment, and access to and treatment in UPMC programs and activities. This commitment is made by UPMC in accordance with federal, state, and/or local laws and regulations.

Medical information made available on UPMC.com is not intended to be used as a substitute for professional medical advice, diagnosis, or treatment. You should not rely entirely on this information for your health care needs. Ask your own doctor or health care provider any specific medical questions that you have. Further, UPMC.com is not a tool to be used in the case of an emergency. If an emergency arises, you should seek appropriate emergency medical services.

For UPMC Mercy Patients: As a Catholic hospital, UPMC Mercy abides by the Ethical and Religious Directives for Catholic Health Care Services, as determined by the United States Conference of Catholic Bishops. As such, UPMC Mercy neither endorses nor provides medical practices and/or procedures that contradict the moral teachings of the Roman Catholic Church.

© UPMC
Pittsburgh, PA, USA UPMC.com