Skip to Content

Home|Notification of Data Security Incidents

Notification of Data Security Incidents

At Presbyterian, we are committed to protecting the privacy of our patients and members.

On June 6, 2019, Presbyterian discovered anonymous, unauthorized access was gained through a deceptive email to some of Presbyterian’s workforce members sometime around May 9, 2019. Presbyterian believes that the unauthorized access to these email accounts was part of a “phishing” scam trying to get information. These email accounts included patient and/or health plan member names and might have contained dates of birth, Social Security numbers and clinical and/or health plan information. Once Presbyterian became aware of this incident, it secured these email accounts, began a thorough review of the impacted emails and alerted federal law enforcement.

We are very sorry that unauthorized access to some of the workforce members’ emails occurred. We are not aware of any improper use, or attempted use of your information, but we believe it is important to notify you of this incident. This did not affect our electronic health records or billing systems.

We take the responsibility of safeguarding your information very seriously. To help prevent this incident from happening again, Presbyterian is taking several steps and implementing additional security measures to further protect our email system. In addition, all workforce members annually must successfully complete mandatory training about the importance and requirement to safeguard all information. In particular, workforce members have received, and will continue to receive, reminders about safeguarding information stored electronically and how to avoid phishing scams.

We recommend that you review the statements that you receive from your health plan or your health care providers regarding your health care services. If you see any service that you believe you did not receive, please contact the health plan or provider immediately. We want to assure you that Presbyterian is committed to protecting the privacy and confidentiality of every individual’s information.

If you have any questions, please call 1-833-297-6405, Monday through Friday, 7:00 a.m. to 7:00 p.m. Mountain Time.

Aviso de Incidente de Seguridad de Datos

Update on Previously Announced Personally Identifiable Information Incident

Presbyterian mailed additional letters to some individual providers in the Presbyterian Health Plan network, including Presbyterian-employed providers, regarding the previously announced phishing incident.

On July 31, 2019, Presbyterian learned that an unauthorized person may have accessed some employee email accounts through a “phishing” scam. Once Presbyterian became aware of this incident, it secured the affected email accounts and alerted federal law enforcement. At least one of these email accounts contained provider names and Social Security numbers.

While Presbyterian’s investigation remains ongoing at this time, there is no evidence indicating that any of the providers’ information was downloaded or used in any way.

Presbyterian is offering providers complimentary credit monitoring. Presbyterian also established a dedicated call center to answer questions for those affected by this incident.

To help prevent this type of incident from happening again, Presbyterian has implemented additional security measures to further protect our email system. In addition, all employees complete annual training related to protecting all information.

Presbyterian regrets that this incident occurred and has services and support in place to help affected individuals. Providers who have questions can call 1-833-959-1350, Monday through Friday, 7 a.m. to 7 p.m. Mountain time. If you are a provider and believe you may have been affected, but did not receive a letter, please contact the call center to verify information.