Advanced Data Processing, Inc. Data Breach (2012)

A notice posted on the city of Yuma's website reports that account information of ambulance patients served by Yuma Fire Department were illegally accessed during a data breach of the company that provides the billing service. But it's thought that no information about Yuma patients was compromised in the data breach by an employee of Advanced Data Processing Inc., which manages billing for the emergency medical services industry, including Yuma. The company learned on Oct. 1, 2012, that one of its employees improperly accessed certain patient account information for the various agencies it serves. The employee passed on the information to a Florida theft ring suspected of filing false federal income tax returns. Unfortunately, this is a big problem ... a nationwide problem, said Lisa MacKenzie, media contact for Advanced Data Processing. The situation was quickly taken care of, and MacKenzie said she's not aware of any improper use of information of patients from Yuma. The employee was quickly identified, immediately terminated and has been arrested and prosecuted. To be on the safe side, though, Advanced Data Processing sent letters to all affected Yuma-area parties and made resources available to those with questions or concerns about any activity on their personal accounts. A few mailings were returned to ADPI as undeliverable, triggering a legal requirement that the information be posted on the page of the violated party's (in this case the city's) website for 90 days. Accessed account information included name, date of birth, Social Security number and record identifier. No medical information was accessed. The post provides contact information for ADPI and a list of resources available for anyone who is concerned their information may have been compromised. People can call 1-_877-_264-_9622 Mondays through Fridays from 9 a.m. to 9 p.m. Eastern Time or visit www.myidcare.com/intersecurity. Those who believe they have been affected by this incident are advised to review their credit card statements and monitor their credit report for unauthorized activity. To order a credit report, visit www.annualcreditreport.com or call 1-877-322-8228. If you have reason to believe your information is being misused, you should contact local law enforcement and file a police report. If you believe a tax return has been illegally filed using your information, contact your local IRS Service Center or call the IRS at 1-800-908-4490. In addition to working closely with federal and local law enforcement agencies that are conducting a criminal investigation, Advanced Data Processing has taken a number of steps to minimize the risk of future data breaches. MacKenzie said the company already had a rigorous compliance program in place that includes new employee and annual training, background checks and privacy and security measures. As a result of the incident, however, the company is reinforcing to its employees the importance of the security and confidentiality of sensitive personal data. The city monitored this situation from the outset and has been satisfied with ADPI's response, said Dave Nash, public affairs coordinator. They discovered the incident quickly. They caught the person they believe responsible for it, terminated her and fully cooperated with authorities in a criminal investigation.