At North fl OB-GYN, we see that the confidentiality and surety of your medical
and personal information is critically important, and we are committed to protecting it. The
purpose of this carry is to notify patients of a recent cyber incident that affected north Florida
OB-GYN and may have resulted in a compromise of certain electronic files containing medical
or personal information.
What Happened
On July 27, 2019, northward Florida OB-GYN became aware that a portion of its computer systems
were being affected by a cyber incident that we suspect may have begun on or before april 29,
2019. Shortly after becoming aware of the incident, northward florida OB-GYN completed a
preliminary assessment, in consultation with third party info technology consultants, and
determined that there had been improper access to certain portions of its networked computer
systems and that a computer virus had encrypted (made unreadable) certain files on its
computer systems. North Florida OB-GYN promptly shut down its networked computer systems,
initiated its incident response and recovery procedures, notified the federal Bureau of
Investigation, and began a privileged and confidential forensic investigation. Since then, North
Florida OB-GYN has decrypted (made readable again) or recovered virtually all of the affected
files and has taken actions to strengthen surety safeguards for the affected systems and
prevent similar incidents.
There is no evidence to appointment that any unauthorized person has actually viewed, retrieved, or
copied any of medical or personal information. As a precaution, northward florida OB-GYN has
sent letters by post to current and former patients whose medical or personal info may
have been on the affected servers. north fl OB-GYN has also notified the U.S.
Department of health and Human Services Office for Civil Rights and relevant say authorities
of this incident.
What Information Was Involved
The medical or personal information affected by the incident may have included name,
demographic information, date of birth, Social security number, drivers permission or identification
card number, employment information, health indemnity information, and health information,
such as treatment, diagnosis, and related information and medical images. The affected
computer systems did not contain any citation or debit card or financial account information.