Behavioral health clinic’s data breach may leave patients vulnerable

Some patients at Quality Behavioral Health could have had private information stolen during a data breach that occurred between Nov. 24 and 26 of last year, according to a post added to the clinic’s website.

QBH provides mental health, crisis intervention and substance abuse services, as well as sexual assault services for victims. It is one of the major behavioral health care providers in the Lewis Clark Valley.

According to the statement by QBH, the clinic has been reviewing and notifying potentially affected patients, “out of an abundance of caution.” At least some of those notifications were sent out Tuesday.

The sensitive data at risk may include patients’ names and contact information, birthdays, Social Security numbers, driver’s license or state ID card numbers, medical history or financial information, health insurance numbers, student, military or passport identification numbers, and medical diagnosis and treatment information, according to the notice on the clinic’s website.

“We have been working diligently to investigate the incident and confirm any information that may be affected,” the notice stated. “While the investigation has not determined that information was viewed or copied from the system during the cyber incident … we were unable to conclusively rule out such activity.”

In its statement, QBH recommended patients who may have been affected watch for potential incidents of identity theft or fraud by reviewing account statements, explanation of benefit forms and free credit reports for suspicious activity.

Phone messages left with QBH were not returned in time for the deadline of this article.

The three major credit reporting bureaus, Equifax, Experian and TransUnion, are all required to provide one free credit report per year. Credit reports can be ordered by visiting www.annualcreditreport.com or calling 1-877-322-8228. Individuals can also contact any of the three bureaus directly.

Consumers can also place fraud alerts on their credit file for free, which will require businesses to verify a consumer’s identity before extending new credit, with any of the three credit bureaus.

Consumers also have the option to place a credit freeze on their accounts, which prohibits credit bureaus from releasing information without a consumer’s express consent, which can prevent credit, loans, and services from being approved in someone’s name without their consent.

However, a credit freeze may delay or interfere with requests or applications the consumer files for a new loan, credit, mortgage or other account involving the extension of credit.