Notice of Data Security Incident
Drexel Medicine is committed to protecting the confidentiality and security of our patients’ information. This notice describes a data security incident that may have involved information pertaining to some Drexel Medicine patients. To date, Drexel Medicine has no evidence that any information has been misused or even accessed by unauthorized parties, however, we are providing notice of this incident out of an abundance of caution.
On June 10, 2019, we determined that unauthorized parties may have obtained access to a Drexel Medicine employee email account on June 8, 2019. Upon learning of this, we secured the employee’s email account and launched an investigation. Through our ongoing investigation, we determined that unauthorized parties may have been able to access emails and attachments in the employee’s email account between the dates of June 8, 2019 and June 10, 2019. It may be that unauthorized parties accessed information, including names, dates of birth, medical record numbers, dates of treatment, physician names, medications, treatment and diagnosis information.
Drexel Medicine regrets any inconvenience or concern this may cause. To help prevent an incident like this from happening in the future, Drexel Medicine is enhancing existing security measures related to our email system. We encourage you to regularly review your insurance statements and explanations of benefits to ensure that they are accurate.
We began mailing notification letters to potentially affected individuals on August 7, 2019, and we have established a dedicated incident response line to answer any questions. If you believe you may be affected by this incident but did not receive a letter by August 17, 2019, please call 866.944.5454, Monday through Friday, 8:00 – 5:00 pm, Eastern Daylight Time.
* Physician's practice/location is independent of Drexel Medicine and Drexel University.