At Geisinger, we are always working to protect the security and privacy of our patients’ information. That is why we are notifying some of our patients about a recent incident that occurred at one of our vendors, Blackbaud, Inc., that may have involved some patient data. Blackbaud provides cloud-based data solutions to nonprofits, foundations and other social good organizations nationwide, including the Geisinger Foundation.
Blackbaud notified Geisinger it had discovered that an unauthorized individual gained access to Blackbaud’s systems between February 7 and May 20, 2020, and obtained backup copies of databases used by Blackbaud customers, including the database that manages Geisinger’s donor information. Geisinger immediately launched an internal investigation to understand the extent of the data involved, and on August 17, 2020, determined that the database contained some patient information, including names, dates of birth, age, gender, dates of treatment, departments of service, treating physicians, and/or medical record numbers.
Importantly, Social Security numbers, financial account and credit card numbers were not contained in the database and were not involved in the incident. Also, this incident did not involve any access to Geisinger’s medical systems or electronic health records.
At Geisinger, we take our patients’ privacy incredibly seriously and we are here to help anyone who may have questions or concerns about this incident. On October 15, we began mailing letters regarding the Blackbaud incident to those whose information may have been involved. We have also established a dedicated call center to answer any questions about this incident, which you can reach by calling 877- 591-0212 Monday through Friday, 9:00 a.m. to 6:30 p.m. Eastern Time, excluding major U.S. holidays.
For patients who may have been involved in the incident, we recommend you review statements received from your medical providers, and contact the provider immediately if you identify any services you did not receive.
To help prevent something like this from happening again, we are reviewing what information is stored at Blackbaud and its proposed security enhancements.