toggle mobile menu Menu
toggle search menu

Site Navigation



Blog Post

St. Luke’s Blogs

Notice of Data Breach

April 4, 2023

Notice of Data Breach

What Happened  

On March 6, 2023, St. Luke’s Health System discovered a technical error that resulted in certain letters mailed on Feb. 17 and Feb. 24 to be inadvertently sent to the incorrect mailing address. St. Luke’s immediately began investigating the cause of this error and implementing safeguards to prevent future occurrences. This error has been corrected, and there is no indication at this time to suggest that there has been any attempt to misuse patient information. Individuals who received another individual’s letter because of this error are asked to please destroy the letter.  

We apologize that this happened and for any inconvenience that it may have caused.  

What Information Was Involved 

These letters included the guarantor’s name, guarantor number, patient’s name, date of service, encounter-specific account number, outstanding balance and balance status.  

What St. Luke’s Is Doing 

Upon learning of this issue, St. Luke’s immediately began investigating the cause of this error. We have addressed the cause of this error and have implemented additional safeguards to prevent this error from happening in the future. In addition, impacted individuals’ accounts have been reset to provide additional time to resolve their balances. Their accounts are not in collections, and they are not accountable for the balances in the incorrect letter.  

In addition, St. Luke’s is offering identity theft protection services through IDX, the data breach and recovery services expert. IDX identity protection services include: 12 months of credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services. With this protection, IDX will help resolve issues if an identity is compromised. 

What Impacted Individuals Can Do 

Individuals who received incorrect letters are encouraged to contact IDX with any questions and to enroll in the free identity protection services by calling 833-753-4486 or going to and using the Enrollment Code provided on the letter. IDX representatives are available Monday through Friday from 7 a.m. - 7 p.m. Mountain Time. Please note the deadline to enroll is July 4, 2023. 

Again, at this time, there is no evidence that patient information has been misused. However, we encourage impacted individuals to take full advantage of this service offering. IDX representatives can answer questions or concerns arising out of the incident regarding the protection of personal information.  

Individuals who incorrectly received another individual’s letter are asked to please destroy that letter. Incorrect letters may also be brought to any of our St. Luke’s facilities, and we will properly dispose of the letter. 

For More Information 

Individuals impacted will find detailed instructions for enrollment on the Recommended Steps document that was enclosed in a follow-up letter. Individuals will need to reference the enrollment code at the top of this letter when calling or enrolling online, so please do not discard that letter. 

Please call 833-753-4486 or go to for assistance or for any additional questions you may have.