MCG Health (MCG), LLC, Vendor Breach Event Notification
Sweetwater Hospital Association (SHA) was recently notified by one of our vendor partners, MCG Health, LLC of a patient data breach that occurred WITHIN MCG HEALTH’s SYSTEMS. Even though Sweetwater Hospital Association systems are not responsible for THE BREACH AT MCG HEALTH, this breach may have exposed some of our patients’ protected health information. To clarify, this patient data breach did not happen at Sweetwater Hospital Association.
MCG Health (MCG), LLC, helps health care providers across the US, including Sweetwater Hospital Association, determine patient’s eligibility for care. To receive this service healthcare providers must share patient information with MCG. On March 25, 2022, MCG determined that an unauthorized party had previously obtained personal information that matched data stored on MCG’s systems. This data included some or all of the following data elements from Sweetwater Hospital Association: names, social security numbers, medical codes, postal addresses, phone numbers, email addresses, dates of birth, and gender identification. Sweetwater Hospital Association was not aware of MCG’s BREACH until Friday May 20th, 2022.
MCG has taken steps to thoroughly investigate the nature and scope of the event. A leading forensic investigation firm was retained to assist, and MCG is coordinating with the FBI. MCG has deployed additional monitoring tools and will continue to enhance the security of their systems. MCG is in the process of notifying all those affected. If you receive a letter from MCG Health, LLC THIS IS NOT A SCAM.
We strongly encourage those who received a letter from MCG to contact their call center at 1-866-475-7221, Monday – Friday, 6 am to 8 pm PT; Saturday – Sunday, 8 am to 5 pm PT. MCG is offering free identity protection and credit monitoring services for two years to those impacted by the breach.