Medical Mall and Atlantic Pharmacy Security Incident
On January 15, 2010, St. Mary Medical Center was informed by our claims processing company NDCHealth Corporation, which works with our on campus pharmacies, that between February 2008 and December 2008 they sent an electronic data file to another pharmacy in error. The electronic data file involved patient prescriptions that were dispensed at Medical Mall Pharmacy or Atlantic Professional Pharmacy, in Long Beach, California between February 2008 and December 2008. NDCHealth stresses that the St. Mary Medical Center pharmacies were not responsible for this incident.
The pharmacy that received the information in error has confirmed that none of the prescription claim information was disclosed or used for any purpose whatever and that the information was immediately destroyed. The electronic data file in question did not contain any credit or consumer information such as credit card or driver’s license. The file did contain some of the following information: full name, date of birth, prescription number, insurance cardholder ID and drug name. As soon as NDCHealth became aware of this issue, it was immediately investigated and corrected.
We are committed to protecting the privacy of our customers and take this incident very seriously. We have confirmed that NDCHealth has put new, more comprehensive and stringent policies and procedures in place to safeguard personal and health information and to ensure that they are rigorously following federal and state laws in handling this sensitive data.
Additionally, St. Mary Medical Center has mailed notification letters to patients whose prescription information may have been included. If you filled a prescription at one of our on-campus pharmacies between February and December of 2008 and did not receive a notification letter, or if you have any questions about this matter, please contact Janet Clark, St. Mary Medical Center Facility Privacy Official, directly at 562-491-9661.
