Unity Recovery Group, Inc. announced the data breach but failed to specify the cause of breach. It just mentioned that it “involved the disclosure of [patients’] personal information to one or more unaffiliated recovery and/or rehabilitation service providers, without [their] prior written consent.” Affected information includes names, addresses, dates of birth, addresses, telephone numbers, Social Security numbers, email addresses, insurance information, and/or certain health-related information.
“To protect against future incidents, we have undertaken additional technological security measures and implemented additional training of our employees to ensure compliance with Unity’s Policies,” Unity said. “We have also hired outside legal counsel to assist us with our investigation and Forensic Data Services, Inc., a technology forensics firm, to enhance the security of our IT systems.”
The breach also affected affiliated companies which include Starting Point Detox, LLC, Lakeside Treatment Center, LLC, Changing Tides Transitional Living, LLC, and Unity Recovery Center, Inc.
According to the statement:
- At Unity, we take patient privacy very seriously and it is important to us that you are made fully aware of a potential privacy issue that may affect you.
- While we have not received any indication that the information disclosed has been accessed or used for any other purpose, we are required to obtain your prior written consent before disclosing your personal information, with limited exception.
- In keeping with our commitment to patient privacy, we have arranged for a complimentary one year subscription for you to ID Experts®, a leading identity and credit protection service. Unity is not affiliated in any way with ID Experts, however, their services have come highly recommended. If you seek the benefits of their services, ID Experts will also assist you with placing a “Fraud Alert” on your credit reports.
Get your personal as well as office laptops encrypted by Alertsec
Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.
Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.