Riverside Community Care, Inc. is committed to protecting the confidentiality and security of our clients’ information. This notice describes a data security incident that may have involved information for some of our clients.
On October 23, 2020, Riverside determined that an unauthorized party gained access to files containing information for some clients. The unauthorized access resulted from a data security incident that we first identified on October 17, 2020, which disrupted the operations of our IT systems.
Upon learning of the data security incident, Riverside immediately took steps to secure our systems, notified law enforcement, and launched an investigation. Riverside’s investigation confirmed that this incident did not involve unauthorized access to its Electronic Health Record or billing systems.
Through our investigation, we determined that an unauthorized party may have accessed our IT systems between the dates of October 15, 2020, and October 17, 2020. During that time, the unauthorized party may have accessed files on some systems containing some client information, including client names in combination with dates of birth, health insurance plan information, dates of service, provider names, clinical information, and affiliation with Riverside as a client. In some very limited instances, some client Social Security numbers may have been subject to unauthorized access as a result of the incident. Riverside will mail letters to individuals whose information may have been involved in the incident. In addition to mailing letters, we have established a dedicated, toll-free call center to answer questions that clients may have. If you have questions, please call 800-847-2562, Monday through Friday, between 8:00 a.m. and 5:00 p.m., Eastern Time, excluding major U.S. holidays.
We recommend that clients whose information may have been involved in this incident review the statements they receive from their health care providers and health insurance plan. If they see services they did not receive, clients should contact the provider or health insurer immediately.
We deeply regret any inconvenience or concern this may cause you. To help prevent something like this from happening again, we have implemented enhanced, continuous monitoring and alerting software on our IT systems.