By HFT Staff

Aspire Health Alliance experienced a data security incident that may have involved personal and protected health information belonging to certain individuals who sought services that Aspire Health provides. Aspire Health has sent notification of this incident by way of the United States Postal Service to potentially impacted individuals and provided resources to assist them. 

On September 13, 2023, they discovered unusual activity in our digital environment. Upon discovering this activity, they immediately took steps to secure the network and launched an investigation, aided by independent cybersecurity experts, to determine what happened and whether sensitive information may have been affected. As a result of the investigation, they learned that an unauthorized actor acquired certain files and data stored within their systems. Following a comprehensive review of the potentially affected files, which concluded on February 26, 2024, they determined that certain individuals’ information may have been impacted and moved as quickly as possible to provide notice and resources to assist.  

Based on the investigation, the affected personal and protected health information may have included name, date of birth, Social Security number, driver’s license number, patient account number, health insurance policy information, medical diagnosis and / or treatment information, date of medical service, financial account number and physician or medical facility information. Aspire Health has no evidence of any actual or attempted misuse of this information.  

On April 26, 2024, Aspire Health provided notice of this incident to potentially impacted individuals. In so doing, Aspire Health provided information about the incident and about steps that potentially impacted individuals can take to protect their information. Aspire Health has taken steps to prevent a similar event from occurring in the future.