Please ensure Javascript is enabled for purposes of website accessibility

Notice of Privacy Breach

Vail Health Services recently suffered a security incident affecting limited portions of protected health information for some of our patients. After experiencing issues with our network systems, we promptly investigated, and on April 5, 2022, we determined that a third party potentially viewed the information on February 11, 2022. Vail Health is providing this notice to give you more information on what happened and what we are doing in response. 

WHAT HAPPENED
An unauthorized third party gained access to a restricted location in Vail Health’s computer network that had a small number of files, a subset of which contained results for COVID-19 testing performed at various Vail Health locations. Based on our investigation, the third party potentially viewed the information in the files, but we currently do not believe the files were copied or downloaded.

WHAT INFORMATION WAS INVOLVED
The small number of files contained protected health information for individuals who received COVID-19 tests from Vail Health, including some individuals’ full name, date of birth, contact information, COVID-19 test results, and encounter numbers—an internal reference we use to track individuals’ interactions with Vail Health. It is important to note that the information in the files did not contain Social Security numbers, driver’s license numbers, financial information, or other sensitive information.

WHAT WE ARE DOING
Vail Health hired third-party experts to help us investigate the extent of the incident, and we are further securing our systems to protect your information. We are also providing notice separately to individuals whose information was contained in the files. While the location of the impacted files was already access-restricted to a small number of individuals with a legitimate need to work with the information as part of their duties, we have added an additional layer of security to further restrict the ability to access that file location and have removed the impacted files from that location.

WHAT YOU CAN DO
While the information that was affected is not the type that generally can lead to identity theft or fraud, we nonetheless encourage those who received notice from us to (1) remain vigilant for such activity by reviewing your account statements and free credit reports, (2) consider placing a fraud alert of security freeze on your credit file, and (3) report any suspicious activity to law enforcement. 

FOR MORE INFORMATION
Our patients and their protected health information are important to us. To address questions you may have, we have set up the following dedicated toll-free number (866) 985-2702. Thank you for your understanding and patience.