14 DAY TRIAL // The University of Florida is notifying 14,339 patients of the UF & Shands Family Medicine at Main medical clinic that their details might have been sold to an identity theft ring by one of the clinic’s employees.
“We share our patients’ frustration regarding this situation and regret that it happened. We are committed to serving our patients and helping them get through any problems that arise stemming from this incident” said Susan Blair, chief privacy officer for the University of Florida.
According to the agencies investigating the breach – the US Secret Service, the Office of the State Attorney and the IRS –, the University of Florida employee accessed information such as names, addresses, dates of birth and social security numbers, and sold it to a third party.
The university learned of the breach in October 2012, but it was told not to notify impacted individuals until the investigation was completed. The University of Florida was one of many hospitals and health clinics from Florida targeted by an identity theft ring.
The employee in question has been terminated and he may be charged for his crimes.
Impacted individuals are being offered one year of fraud resolution services. In addition, they’re recommended to contact the major credit agencies and inform them that their personal information was accessed and misused.
The university says it hasn’t been able to find current addresses for 450 patients, so those who were patients between March 2009 and October 2012 and haven’t received any notifications are advised to contact the organization by calling 877-552-1299.
Additional details regarding the incident are available at privacy.ufl.edu.