374 MDG establishes toll-free number for inquiries regarding privacy breach
YOKOTA AIR BASE, Japan -- On August 21, 2012, the 374th Medical Group (374 MDG) at Yokota AB, Japan, discovered a potential compromise of patients' protected health information (PHI) when, on or about September 22, 2011, a former 374 MDG provider mailed surgical reports he performed at the facility to his stateside address. These reports pertained to 438 patients and were intended for the American Board of Surgeons to maintain the provider's board certification. Unfortunately, the package containing the medical information never arrived at his home and the United States Postal Service was unable to locate the package. The data elements involved in the documents include patient names, Social Security Numbers, dates of birth, diagnoses, descriptions and summaries of select procedures and operations performed by the provider between October 2007 and September 2011. Upon discovery, the 374 MDG immediately initiated an investigation to determine the circumstances surrounding the loss and identify those who were potentially impacted. To mitigate this incident and prevent future compromises of this nature, the 374 MDG is currently reviewing their policies and procedures to assist providers with the board certification process.
As of today, we have found no evidence to indicate that the compromised information has been used in a malicious manner. It is Department of Defense and Air Force policy to notify individuals that they may be at risk. While the mailings of notification letters took place on or about October 29, 2012, 38 of the letters have been returned as undeliverable. Therefore, the 374 MDG is posting this substitute web announcement to notify those potentially affected of the details surrounding this breach and to provide the potential actions available to further safeguard their personal information.
The 374 MDG has taken additional measures to assist their beneficiaries who may be concerned if they were impacted by this breach. Individuals can contact 1-877-615-3758 to inquire about their specific information during 8:00 am-8:00 pm central standard time.
As a reminder, anyone impacted by this incident is encouraged to take steps to protect their personal information and should be guided by the actions recommended by the Federal Trade Commission (FTC) at: http://www.ftc.gov/bcp/edu/microsites/idtheft/. The FTC site provides instructions for placing a free fraud alert on credit reports and also other valuable information regarding actions, which can be taken now or in the future, should any problems develop.
The 374 MDG takes this breach of privacy very seriously and deeply regrets and apologizes for any inconvenience and concern this incident may cause their patients. Concerned individuals may contact Maj Vicki Robles, the Health Insurance Portability and Accountability Act Privacy Officer, at DSN 315-225-6498/6478 or Commercial 011-81-3117-55-6498/6478.