Neurosurgery One is posting this notice to notify patients of a recent event with a former billing company that may impact the privacy of personal information for some individuals. This notice only applies to some patients who received care prior to November 20, 2021.
On February 9, 2023, Reventics — an independent company that provided billing services for Neurosurgery One prior to January 1, 2022 — notified Neurosurgery One that a cyber-intruder had accessed and exfiltrated certain personally identifiable information (“PII”) and Protected Health Information (“PHI”) protected under HIPAA and state privacy laws. The incident occurred on or about December 15, 2022.
Reventics mailed letters on March 1, 2023, to potentially affected individuals, including some Neurosurgery One patients.
If you are a current or former Neurosurgery One patient and you did NOT receive a letter, your PII and PHI were NOT accessed. If you became a new Neurosurgery One patient on or after Nov. 20, 2021, you were not affected as the practice no longer utilized Reventics for billing after that date.
Patients who were potentially affected were sent a letter on March 1, 2023, that provides additional information and informing them what information was potentially accessed. Reventics is offering identity theft protection services through IDX at NO COST to all potentially affected individuals. This service provides 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services. There is a deadline for signing up for this service. Please see the letter you received from Reventics for further details.
If you would like additional information regarding this incident, please call the Reventics toll-free assistance line at (833) 753-4765 between the hours of 7 am – 7 pm Mountain Time, Monday through Friday, except holidays.