Notice to Our Patients of Data Security Incident
Sky Lakes Medical Center (“Sky Lakes”) is committed to protecting the privacy of our patients’ information. We are in the process of investigating an incident that may involve the loss of some of that information. This notice describes the incident and outlines additional measures that we have implemented to safeguard patient information going forward.
On October 27, 2020, we discovered that several computer systems were encrypted with ransomware. We immediately began to investigate, a cybersecurity firm was engaged, and steps were taken to address the incident and restore operations. Our investigation has found no evidence that any patient information has been accessed or acquired by an unauthorized person and, to date, all Sky Lake facilities are operational. However, during the course of our investigation, we have learned that a limited number of historical medical images belonging to Sky Lakes patients cannot yet be restored.
Again, we have no indication that any information was actually viewed by the unauthorized person, or that it has been misused. Moreover, given the age of the images, we anticipate no negative impact on patient care. Nevertheless, out of an abundance of caution, we wanted to notify Sky Lakes patients of this incident and share that a limited amount of patient information may be unrecoverable as a result of this incident. At this time, Sky Lakes does not recommend any action on the part of our patients. Individual patients will be notified if it is determined that any of their images are permanently unrecoverable. To help prevent a similar incident from occurring in the future, we have implemented additional safeguards and technical security measures to further enhance the security of our network.
If you would like more information about the incident, please call 844-866-1186, Monday through Friday, between 7:00 a.m. and 5:00 p.m., Pacific Time, excluding major U.S. holidays.