Cypheron Healthcare Solutions (“CHS”) provides revenue cycle management services to healthcare organizations. We place a high value on maintaining the privacy and security of the information we receive from our customers in connection with the services we provide. Regrettably, this notice concerns an incident that may have involved some of that information.
In November 2023, a billing office was broken into and a laptop was stolen. We immediately filed a police report, but the laptop has not been recovered. On January 9, 2024, we learned for the first time that some of the files saved to the laptop contained patient information belonging to some of our customers. We notified these customers on February 22, 2024. The information contained in the files varied by patient, but have included one or more of the following: name, date of service, internal reference number, contact information, insurance information, and/or diagnosis/treatment information. For a small number of patients, Social Security numbers were also identified in the documents.
On April 22, 2024, we began mailing notification letters to identified individuals on behalf of our customers. We have also established a dedicated, toll-free call center to answer questions that individuals may have about the incident. If you have questions, please call 833-918-0247, available Monday to Friday, from 7 a.m. to 7 p.m. Mountain Time. Additionally, it is always a good idea for individuals to review statements received related to their healthcare. If any charges are identified for services they did not receive, they should contact the issuing entity immediately.
Upon learning of the theft, we changed the password associated with the laptop’s user account and confirmed that security tools were previously deployed on the device so that, if it connects to the internet, we will be alerted. Additionally, to help prevent something like this from happening again, we will continue to assess and, where appropriate, enhance office security.
We remain committed to protecting the confidentiality and security of patient information, and apologize for any concern this incident may have caused.