Privacy and Breach Alerts
To protect the privacy rights of its patients, on May 15, 2015, UPMC announced about 2,200 people treated at various UPMC emergency departments are being notified in writing that their records may have been illegally disclosed by an employee of Medical Management LLC, an outside medical billing company. MML and its affiliates provide billing services to health care providers throughout the United States, including to UPMC’s physician group Emergency Resource Management Inc. Read the full press release now.
A call center employee — since terminated by MML — has been identified as being responsible for copying certain items of personal information from the billing system over the past two years and then illegally disclosing that information to a third party.
MML is sending letters to patients whose information may have been stolen in this incident. Affected patients who received letters and have any questions should contact Kroll Inc. at 1-855-330-6364, 8 a.m. to 5 p.m. CT.
IDENTITY THEFT RESOURCES
Place a fraud alert on your credit reports, and review your credit reports.
Fraud alerts can help prevent an identity thief from opening any additional accounts in your name. Contact any of the three consumer reporting companies below to place a fraud alert on your credit report. You need to contact only one of the three companies to place an alert. The company you call is required to contact the other two. This will allow the two companies you do not call to place an alert on their versions of your report.
Equifax — www.equifax.com
Experian — www.experian.com
TransUnion — www.transunion.com
Once you place a fraud alert, you're entitled to order free copies of your credit reports. Once you obtain your credit reports, review them carefully. Look for inquiries from companies you haven't contacted, accounts you didn't open, and any debits on your accounts that look suspicious. Verify that personal information, such as your Social Security number (SSN), address(es), name or initials, and employers is correct. If you find incorrect information, have it corrected or removed.
Close the accounts that you believe have been tampered with or opened fraudulently.
Call to speak with someone in the security or fraud department of each company. Follow up in writing, and include copies of supporting documents. It's important to notify credit card companies and banks in writing. Send your letters by certified mail, return receipt requested, so you can document what the company received and when. Keep a file of your correspondence and enclosures.
When you open new accounts, use new PIN numbers and passwords. Avoid using information such as your mother's maiden name, your birth date, the last four digits of your SSN, or your phone number.
If the identity thief has made charges or debits on your accounts, or on fraudulently opened accounts, ask the company for the forms to question those transactions:
- For charges and debits on existing accounts, ask the representative to send you the company's fraud dispute forms. Write to the company at the address given for billing inquiries. Do not send your correspondence to the address to which you usually send payments.
- For new unauthorized accounts, ask the representative to send you the company's fraud dispute forms. If the company already has reported these accounts or debits on your credit report, dispute this fraudulent information.
Once you have resolved your identity theft dispute with the company, ask for a letter stating that the company has closed the disputed accounts and has discharged the fraudulent debits. This letter is your best proof if errors relating to this account reappear on your credit report or you are contacted again about the fraudulent debit.
File a police report
The next step is to file a police report. Get a copy of the police report or the number of the report. It can help you deal with creditors who need proof of the crime. If the police are reluctant to take your report, ask to file a "Miscellaneous Incidents" report, or try contacting your state police. You also can check with your state attorney general's office to find out if state law allows you to file a report through the state.
File a complaint with the Federal Trade Commission (FTC) www.ftc.gov
Filing a complaint with the FTC will provide necessary information that can help law enforcement officials across the nation track down identity thieves. The FTC can refer victims' complaints to other government agencies and companies for further action, as well as investigate companies for violations of laws the agency enforces.
For More Information
Federal Trade Commission (FTC) www.ftc.gov
The FTC provides a wide variety of materials on its website regarding personal information privacy
Department of Justice (DOJ) www.justice.gov
The DOJ and its U.S. attorneys prosecute federal identity theft cases.
Federal Bureau of Investigation (FBI) www.fbi.gov
The FBI, a criminal law enforcement agency, investigates cases of identity theft. The FBI recognizes that identity theft is a part of many crimes, including bank, mail, wire, bankruptcy and insurance fraud, fraud against the government, and terrorism.
U.S. Secret Service (USSS) http://www.secretservice.gov
The U.S. Secret Service investigates financial crimes, which may include identity theft. Although the Secret Service generally investigates cases involving large dollar loss, your information may provide evidence of a larger pattern of fraud requiring their involvement.