The University of Kentucky (UK) HealthCare is making public
notice below of any incident involving the loss of UK HealthCare patient
information. UK HealthCare takes seriously its commitment to safeguard
the privacy of all patients and maintains this page as a means of communication
to its patients about ongoing privacy issues. We have policies and
procedures in place to protect patient information and reinforce those measures
after any incident involving the loss of patient information.
A UK HealthCare
employee misdialed a phone number and left a voice mail regarding a patient’s
appointment. The information was limited the patient’s name, appointment
date, time, and location at UK HealthCare. UK
HealthCare notified the individual.
In two separate instances, a UK HealthCare employee scanned a patient’s test results into the
incorrect patient’s chart. The information was limited to the patient’s
identifiers and specific test results from UK HealthCare. UK HealthCare notified the affected
separate instances, UK HealthCare employees accessed patients’ record outside
their job responsibilities. The information was limited to specific
visit information at UK HealthCare. UK HealthCare notified the
Due to a registration error with the UK HealthCare personal patient
health portal, parts of two patients’ records were sent to the incorrect
personal health record of two other patients.
The information was limited to the patients’ identifiers and various
clinic information and test results. It
did not contain the patients’ social security numbers or financial
information. UK HealthCare notified the affected
A UK HealthCare employee provided an appointment reminder to the incorrect
patient. The information was limited to
specific visit information at UK HealthCare. UK
HealthCare notified the affected individuals.
In two separate instances, UK HealthCare employees provided a
prescription to the incorrect patient.
The information was limited to name, address, and name of the medication. UK HealthCare notified the affected individuals.
In two separate instances, a UK HealthCare employee released
information about a patients’ care to a person not authorized to have the
information. The release was limited to
information about the patients’ specific visits. UK HealthCare notified the affected individuals.
A UK HealthCare employee handed paperwork to the incorrect
patient. The paperwork included discharge
instructions for the patient and the patient’s name. UK HealthCare notified the affected individual.
For any incident, UK HealthCare recommends the following
steps to prevent any possible misuse of personal information.
You may also contact any or all of the three major Credit Reporting Agencies if you want to further learn about identity theft protection services offered by the Credit Reporting Agencies. The contact information is:
Equifax (www.equifax.com)P.O. Box 740241Atlanta, GA 30374-0241Phone: 800-685-1111
Experian (www.experian.com)P.O. Box 2104Allen, TX 75013-0949Phone: 888-EXPERIAN (397-3742)
Trans Union (www.transunion.com)P.O. Box 1000Chester, PA 19022Phone: 800-916-8800
Additionally, both the federal government and Kentucky state government offer consumer protection agencies. The contact information for the consumer protection agencies is below:
Federal Trade Commission (https://www.identitytheft.gov/info-lost-or-stolen.html)600 Pennsylvania Avenue, NWWashington, DC 20580Phone: 202-326-2222
Office of the Attorney General (http://ag.ky.gov/Pages/protectingconsumers.aspx)700 Capitol Avenue, Suite 118Frankfort, Kentucky 40601-3449Consumer Protection — 888-432-9257