TALLAHASSEE, Fla. (WTXL) — A data security incident impacting a national healthcare and hospital system includes entities in Leon County.
HCA Healthcare said in a news release Monday that it recently discovered that a list of certain information with respect to some of its patients was made available by an unknown and unauthorized party on an online forum.
HCA became aware of the claims on the online platform on July 5 and said it activeted incident response protocols to understand and assess the situation.
The breach includes 11 million HCA Healthcare patients nationwide.
Some of the information exposed includes patient name, city, state and zip code, email, telephone number, date of birth, gender service date, location and next appointment date.
HCA Healthcare said information used for email messages such as reminders that patients may wish to schedule an appointment and education on healthcare programs and services was exposed.
HCA said it appears the incident was a theft from an external storage location exclusively used to automate the formatting of email messages.
HCA noted information it believes was not exposed includes clinical information, such as treatment, diagnosis, or condition, payment information, such as credit card or account numbers, sensitive information, such as passwords, driver’s license or social security numbers.
Below are the entities in the region listed by HCA Healthcare that has been impacted by the incident:
- HCA Florida Capital Hospital
- HCA Florida Capital Primary Care
- HCA Florida Capital Pelvic Health and Incontinence
- HCA Florida Capital Pulmonary Specialists
- HCA Florida Capital Women's Health
- HCA Florida Capital Cardiology Specialists
- HCA Florida Capital Surgical Specialists
- HCA Florida Capital Women's Health
A spokesperson for HCA Florida Capital Healthcare referred all questions by ABC 27 related to facilities impacted in the Tallahassee region to the news release provided by HCA Healthcare.
HCA Healthcare facilities in Georgia were also impacted by the security incident. Click here for all facilities in Georgia that were impacted.
Click here to view all Florida facilities impacted by the event.
HCA said the data event has not disrupted its day to day operations, the incident was reported to law enforcement and other entities to investigate the incident.
The investigation is ongoing and it has not been determined if the incident was malicious.
HCA said it will offer credit monitoring and identity services when appropriate and suggests patients stay vigilant in identifying calls, emails or SMS texts which appear to be spam or fraudulent.
Additionally, patients should never open links or attachments sent from untrusted sources.
HCA Healthcare said if you receive communication regarding an invoice, balance, or payment reminder that may be fraudulent to call HCA Healthcare at (844) 608-1803 and it will confirm the legitimacy of the message.