Carolina Arthritis Associates Updates Patients on Recent Data Security Incident

Carolina Arthritis Associates, a well-known healthcare provider, has recently communicated with patients regarding a significant data security breach that has raised concerns regarding personal and protected health information. This update serves to inform affected individuals about the incident, which took place on September 27, 2024, when unusual activity was detected that disrupted access to specific systems.

Upon discovering the irregularities, Carolina Arthritis promptly took action to secure its network and engaged a reputable independent digital forensics and incident response firm to conduct a thorough investigation. This investigation aimed to uncover the details of the incident and determine if any sensitive data had been compromised. The findings indicated that an unauthorized entity gained access to certain personal and protected health information belonging to both current and former patients of the clinic.

Through a meticulous review process, Carolina Arthritis was able to identify the individuals whose information was potentially affected. The review concluded on January 21, 2025, and subsequent notifications were sent out swiftly to those impacted.

The types of information that may have been exposed include names, addresses, dates of birth, driver's license numbers, Social Security numbers, medical data, and health insurance information. It is important to note that not every piece of data was compromised for each individual, and the organization is doing everything it can to address the incident effectively.

To enhance transparency, Carolina Arthritis has notified both the Federal Bureau of Investigation (FBI) and the U.S. Health and Human Services Office for Civil Rights about the breach. The healthcare provider has committed to cooperating fully with any investigations aimed at holding the responsible parties accountable for their actions.

In an effort to support those affected, Carolina Arthritis has established a toll-free call center where individuals can seek answers and clarification regarding the incident. The call center operates Monday through Friday from 8 a.m. to 8 p.m. Eastern Time (excluding major U.S. holidays) and can be reached at 1-833-799-3772. This initiative is part of the organization's dedication to providing assistance and fostering a sense of security among its patient base.

Moreover, affected individuals are afforded complimentary identity protection services through TransUnion, which aims to protect their personal information against potential misuse. Patients who have not yet received a notification letter are encouraged to verify their eligibility through the call center before enrolling in these services.

Moving forward, Carolina Arthritis Associates is committed to implementing additional measures to prevent similar incidents from happening in the future. The organization is taking this situation seriously and is focused on ensuring that patient data remains secure and protected.

In conclusion, while there is currently no evidence of the actual misuse of information related to this incident, Carolina Arthritis Associates is determined to remain vigilant and proactive in safeguarding patient details. The situation underscores the importance of cybersecurity across healthcare organizations, as patient trust hinges significantly on how well their information is protected.