Notification of Security Breach and Potential Cyber Theft
| Date: | December 22, 2020 |
| To: | Health Plan of San Joaquin (HPSJ) Providers |
| From: | Health Plan of San Joaquin |
| Subject: | Notification of Security Breach and Potential Cyber Theft |
| Business: | Medi-Cal |
HPSJ wants to inform you of a security incident that may impact you or your practice.
In mid-October 2020, HPSJ discovered a suspicious activity impacting a select few HPSJ
email accounts. An ensuing investigation revealed this may have resulted in exposure of the Protected Health Information (PHI) of HPSJ members and potentially Personally
Identifiable Information (PII) of our business partners.
We do not yet know the extent of PHI or PII exposure resulting from this security incident.
We anticipate this will impact only a partial number of HPSJ providers. HPSJ has engaged a cyber security firm and a data mining vendor to help us understand the impact of this
security incident. If you are an affected provider, you will receive a personalized letter from
us after the data mining process is complete. However, at this time HPSJ wants to make
you aware of the risk to potentially protected information.
In an abundance of caution, we are electing to issue another form of notice via a web site
posting and press releases to major media outlets within our service areas on December
21, 2020. We would like to make you aware of these media releases. We invite you to visit
our web site (www.hpsj.com), after December 22, 2020, for further information, and you
may call 1-800-691-6229 from 6:00 a.m. to 6:00 p.m. Pacific Time, should you have
additional questions or concerns.
Protecting the personal information of our members and business partners are among
HPSJ’s highest priorities, and we have taken and will continue to take steps to improve the security of information entrusted to our care.
Sincerely,
Health Plan of San Joaquin