Notice of Data Breach and Our Commitment to Patient Privacy 1-30-2024, ST. PETERSBURG, FLORIDA Bay Area Heart Center is informing patients of a recent data breach involving our third-party business associate, Bowden Barlow Law, P.A., due to a cybersecurity attack and subsequent data breach. Following the cybersecurity attack, Bowden Barlow Law notified authorities and launched a forensic investigation which determined the potential patient information that was compromised may include names, addresses, full and partial Social Security Numbers, dates of service limited claims data and insurance policy numbers. We assure you, there is no current evidence confirming this information is accessible post-breach, and Bowden Barlow Law has since taken steps with a cybersecurity firm to secure systems and restore operations. Patient privacy and safety remain our top priority. In response, we are reevaluating our partnership with Bowden Barlow Law and enhancing our data protection measures. Additionally, we are offering all affected patients one year of credit monitoring services. We encourage those concerned to remain vigilant in monitoring their accounts. For full details and to access credit monitoring, please [click here]. Contact this toll-free number for any further questions – 833-705-6671 The Bay Area Heart Center is dedicated to maintaining the highest standards of patient care and data security, and we sincerely regret any inconvenience caused by this incident.

**Only records that were referred for collections were affected

Enrollment Deadline: March 31st, 2024

Equifax Credit Watch™ Gold
*Note: You must be over age 18 with a credit file to take advantage of the product

Key Features
• Credit monitoring with email notifications of key changes to your Equifax credit report
• Daily access to your Equifax credit report
• WebScan notifications1 when your personal information, such as Social Security Number, credit/debit card or bank account numbers are found on fraudulent Internet trading sites
• Automatic fraud alerts2, which encourages potential lenders to take extra steps to verify your identity before extending credit, plus blocked inquiry alerts and Equifax credit report lock3
• Identity Restoration to help restore your identity should you become a victim of identity theft, and a dedicated Identity Restoration Specialist to work on your behalf
• Up to $1,000,000 of identity theft insurance coverage for certain out of pocket expenses resulting from identity theft4

Enrollment Instructions

Please review your emailed or mailed letter from Bay Area Heart Center for your personalized activation code.
If you did not receive an email or letter and feel that you may have been affected by the data breach, please email [email protected] or call 833-705-6671 to speak with a representative.

Go to www.equifax.com/activate , for any technical issues when activating contact 1-888-Equifax.
Enter your unique Activation Code then click “Submit” and follow these 4 steps:

1. Register:
Complete the form with your contact information and click “Continue”.
If you already have a myEquifax account, click the ‘Sign in here’ link under the “Let’s get started” header.
Once you have successfully signed in, you will skip to the Checkout Page in Step 4
2. Create Account:
Enter your email address, create a password, and accept the terms of use.
3. Verify Identity:
To enroll in your product, we will ask you to complete our identity verification process.
4. Checkout:
Upon successful verification of your identity, you will see the Checkout Page.
Click ‘Sign Me Up’ to finish enrolling.
You’re done!
The confirmation page shows your completed enrollment.
Click “View My Product” to access the product features.

1WebScan searches for your Social Security Number, up to 5 passport numbers, up to 6 bank account numbers, up to 6 credit/debit card numbers, up to 6 email addresses, and up to 10 medical ID numbers. WebScan searches thousands of Internet sites where consumers’ personal information is suspected of being bought and sold, and regularly adds new sites to the list of those it searches. However, the Internet addresses of these suspected Internet trading sites are not published and frequently change, so there is no guarantee that we are able to locate and search every possible Internet site where consumers’ personal information is at risk of being traded. 2The Automatic Fraud Alert feature is made available to consumers by Equifax Information Services LLC and fulfilled on its behalf by Equifax Consumer Services LLC. 3Locking your Equifax credit report will prevent access to it by certain third parties. Locking your Equifax credit report will not prevent access to your credit report at any other credit reporting agency. Entities that may still have access to your Equifax credit report include: companies like Equifax Global Consumer Solutions, which provide you with access to your credit report or credit score, or monitor your credit report as part of a subscription or similar service; companies that provide you with a copy of your credit report or credit score, upon your request; federal, state and local government agencies and courts in certain circumstances; companies using the information in connection with the underwriting of insurance, or for employment, tenant or background screening purposes; companies that have a current account or relationship with you, and collection agencies acting on behalf of those whom you owe; companies that authenticate a consumer’s identity for purposes other than granting credit, or for investigating or preventing actual or potential fraud; and companies that wish to make pre-approved offers of credit or insurance to you. To opt out of such pre-approved offers, visit www.optoutprescreen.com 4The Identity Theft Insurance benefit is underwritten and administered by American Bankers Insurance Company of Florida, an Assurant company, under group or blanket policies issued to Equifax, Inc., or its respective affiliates for the benefit of its Members. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions.

General Q&A

Q: What happened?

On, December 11th, the Bay Area Heart Center learned of a recent data breach at Bowden Barlow Law, the contracted collections agency for the practice. This breach has potentially exposed some of our patient information.

The practice is taking this matter very seriously and ensuring that patients are informed promptly and transparently – making it a priority to put your safety and security as our primary concern.

Q: How did this happen?

A: This event occurred when one of Bowden Barlow Law’s employees received a phishing email, that after opening, resulted in an unknown third-party gaining access to one of their two servers on-site sometime between November 17, 2023, and December 1, 2023. Bay Area Heart Center received the full details of this data breach on December 27, 2023, and has been working diligently to determine the scope of information disclosed.

Following the cybersecurity attack, Bowden Barlow Law notified authorities and launched a forensic investigation which determined the potential patient information that was compromised included names, addresses, full and partial Social Security Numbers, limited claims data, dates of service, and insurance policy numbers. There is no evidence that any of this information was downloaded and is currently accessible. Bowden Barlow Law has since taken steps with a cybersecurity firm to secure systems and restore operations.

Q: When did this happen?

A: This event occurred sometime between November 17, 2023, and December 1, 2023, at Bowden Barlow Law offices. Bay Area Heart Center received the full details of this data breach on December 11, 2023, and has been working diligently to determine the scope of information disclosed.

Q: What information was compromised?

A: Following a forensic investigation, it was determined that the potential patient information that was compromised included names, addresses, full and partial Social Security Numbers, limited claims data, dates of service, and insurance policy numbers. There is no evidence that any of this information was downloaded and is currently accessible.

Q: Has this been reported?

A: Bay Area Heart Center has taken this situation very seriously as patient privacy is of the utmost importance. We have reported this issue to all necessary parties and have complied with all HIPAA guidelines. Bowden Barlow Law, where the cybersecurity breach took place, has also reported this to law enforcement officials and has conducted a forensic investigation.

Q: How do I know if my information was compromised?

A: Bay Area Heart Center sent out written communications via email and postal service to let you know if you were one of the patients affected. If you do not receive those communications by Friday, February 2, your information was not compromised.

Q: What do I do if my information was compromised?

A: If your information was compromised, we offer you our sincerest apologies. We encourage you to sign up for the credit monitoring membership and continue to monitor your accounts and credit reports.

Q: Was Bay Area Heart Center involved in, aware of, or at fault for this situation, in any way?

A: Absolutely not. Bay Area Heart Center was not aware of the attack until after it happened, and as the breach did not occur at our facility, this unfortunate circumstance was out of our control. The practice played no role in the events that led to the breach, but we are committed to rectifying this matter for our patients as swiftly, and transparently, as possible.

Q: What is Bay Area Heart Center doing to prevent this from happening again?

A: At Bay Area Heart Center we take your personal security and privacy very seriously. We have complied with all HIPAA guidelines and are reevaluating our partnership with this third-party vendor. We want to assure you that we have robust systems and processes in place to safeguard all current, present, and future patient information.

Q: How is Bay Area Heart Center making this up to our patients?

A: Bay Area Heart Center has provided all affected patients with a one-year membership to a credit monitoring service to ensure that their privacy remains the utmost priority. We also encourage all affected patients to continue to monitor their accounts and credit reports. Bay Area Heart Center is also reevaluating our partnership with the third-party vendor with the notion that the protection of your personal information is of the utmost importance.

Q: Is it safe for me to continue to be a patient with Bay Area Heart Center?

A: YES – we are immensely grateful for our valued patients, and we will be working diligently to ensure that your security and safety is protected. We hope to be able to serve you, long-term, as a trusted provider. We are committed to making any adjustments, advancements or