Valley Anesthesiology and Pain Consultants Data Breach (2016)

Valley Anesthesiology and Pain Consultants Notifying 882,590 Patients PLUS all Employees and Providers of Security Incident On June 13, 2016, VAPC learned that a third party may have gained unauthorized access to VAPC computer systems on March 30, 2016. The computer systems may contain patient information, such as patient names, their providers' names, dates of service, places of treatment, names of health insurers, insurance identification numbers, diagnosis and treatment codes, and in some instances, social security numbers. For providers, the computer systems included credentialing information, such as names, dates of birth, social security numbers, professional license numbers, Drug Enforcement Agency (DEA) numbers, National Provider Identifiers (NPIs), as well as bank account information and potentially other financial information. For employees, the computer systems included names, dates of birth, addresses, social security numbers, bank account information and financial information, such as tax information. no evidence that any of the information has been accessed or used inappropriately.