[ad_1]
UC San Diego Health says a third-party vendor used analytics tools on scheduling websites for an urgent care clinic in La Jolla and five Express Care clinics elsewhere in San Diego County, collected information and then transmitted it to other companies.
Solv Health hosted and managed UCSD Health’s scheduling websites for the urgent care location in La Jolla at 8910 Villa La Jolla Drive and Express Care clinics in downtown San Diego, Encinitas, Chula Vista, Pacific Highlands Ranch and Rancho Bernardo.
The analytics tools may have captured names, dates of birth, email addresses, IP addresses, third-party cookies, reasons for visits and insurance types for people who used the scheduling website between Sept. 13 and Dec. 22 to book appointments for in-person or video visits at those locations.
However, the tools did not collect Social Security numbers or medical record and financial account numbers or debit/credit card information, according to a UCSD Health statement. The scheduling websites were not part of the health system’s electronic health records system, called MyUCSDChart, and no information in MyUCSDChart was affected by Solv Health’s use of analytics tools, the statement said.
UCSD Health said it will mail letters Monday, March 20, to patients with addresses on file to notify them of the data breach.
Additionally, the system directed Solv Health to remove the analytics tools from the scheduling websites immediately after the initial discovery of the issue in late December, UCSD Health said, and worked with the vendor to identify people whose data may have been collected. It also transitioned to a new scheduling tool for the affected locations.
UCSD Health established a call center for questions about the breach at (800) 909-1243. It is open from 6 a.m. to 8 p.m. Mondays through Fridays and 8 a.m. to 5 p.m. Saturdays and Sundays. ◆
[ad_2]
Source link
