One of America’s largest providers of hospitalists (physicians who practice in hospitals) and its staffing arm suffered a data breach. On June 10, 2014, the hospitalist was informed by a subcontractor that a potential data breach had occurred on a server located overseas. The breach impacted approximately 10,000 patients in numerous states; however, there was no indication that patient billing and staff training data had been accessed, used or disclosed for any malicious purpose. AGG was tasked with developing the responses.
AGG assisted the client with making required disclosures to the US Department of Health and Human Services Office of Civil Rights and various state agencies, and drafted patient-notice letters and media notices. In addition, AGG helped the company create several detailed response packages, and the company’s response that informed clients about the progress of the investigation. AGG also helped prepare the training script for the credit monitoring service’s call center employees in order to efficiently and accurately address frequently asked questions from impacted patients. Additionally, AGG helped select a public relations firm to handle media inquiries and created a comprehensive FAQ for the media and the company’s customers.
Because of the client’s proactive, best-practices response to the breach, customers praised the sophisticated handling of the situation, and the company’s reputation for providing quality service was enhanced.