St. Luke’s Health System was notified on June 3, 2022, that a business associate was subject to a cybersecurity incident in late May 2022. St. Luke’s has had a contract with the vendor to provide statement processing and billing services. On July 6, 2022, St. Luke’s Health System learned protected health information of some patients who had billing statements processed in May 2022 could have been accessed as part of this cybersecurity incident. There is no evidence at this time that the unauthorized user has misused this information.
Information that may have been compromised includes:
Financial information that may have been compromised includes:
St. Luke’s takes its responsibility to safeguard personal and protected health information very seriously. In furtherance of transparency and our commitment to our patients’ privacy and safety, St. Luke’s has moved to notify impacted patients as quickly as possible. To best protect our patients, we have suspended all processing activities with this vendor. St. Luke’s Cyber Security and Compliance are working with the vendor concerning its internal investigation. The vendor has engaged the FBI and contracted with an external forensics firm to better understand this incident and has implemented improved security measures to prevent a similar incident in the future. Specific patients who were impacted will be notified via mailed letter.
St. Luke’s has engaged IDX, data breach and recovery services experts, to ensure the highest level of protection for patients impacted by this incident. Through this partnership, St. Luke’s is offering the following complimentary protection services:
A call center will be activated on July 28 at 4 p.m. where additional information will be available by calling 1-833-423-2976. The call center will be available Monday through Friday, 7 a.m. to 7 p.m., MST.
If you received a letter notification regarding this vendor’s cybersecurity incident, we encourage you to contact IDX with any questions and to enroll in the free identity protection services by calling 1-833-423-2976 or by going to IDX's website and enrolling online.