Kairos Health Arizona, Inc. ("Kairos") provides public entity health care solutions and is issuing notice regarding a data security incident that may have involved health information of certain individuals. At this time, there is no evidence of any attempt to misuse the health information of any individuals affected by the incident. Kairos was able to successfully contain the incident and implemented additional security protocols.

PHOENIX, June 19, 2024 /PRNewswire-PRWeb/ -- Phoenix, Arizona, June 18, 2024 /PRNewswire/ -- Kairos Health Arizona, Inc. ("Kairos") provides public entity health care solutions and is issuing notice regarding a data security incident that may have exposed health information of certain individuals. At this time, there is no evidence of any attempt to misuse the health information of any individuals affected by the incident. This notice explains: (1) the incident; (2) measures Kairos has taken; and (3) additional steps potentially affected individuals may consider taking in response.

What Happened

On March 29, 2024, Kairos discovered that a former third-party Kairos consultant accessed certain Kairos data without authorization. Kairos immediately began an investigation and determined that the former Kairos consultant accessed and downloaded a limited amount of data from a Kairos database between November 2, 2023, and March 29, 2024. As soon as Kairos became aware of the incident, Kairos promptly terminated the former consultant's access to the Kairos database and conducted a forensic investigation.

Kairos learned on April 19, 2024, that the data accessed may have included health information. Upon further investigation, Kairos determined in mid-June 2024 that a reportable security incident had occurred. Kairos then conducted a thorough review of the data to determine which specific individuals' information may have been impacted and worked to obtain addresses and notify these individuals as quickly as possible.

What Information Was Involved

The information involved may have included individuals' names, health insurance identification numbers, health insurance claims and coverage information, and limited health information. Each affected individual may have been impacted differently and thus not all the elements were present for each individual. Social Security numbers, driver's license numbers, credit card numbers, and financial account numbers were not impacted.

What Kairos is Doing

Kairos takes customer privacy and security of information in its care very seriously. To help prevent a similar type of incident from occurring in the future, Kairos has implemented and will continue implementing additional security protocols designed to enhance the security of its network, internal systems, and applications. Kairos will also continue to evaluate additional steps that may be taken to further increase its defenses.

While Kairos does not have any information to suggest that any personal information has been used maliciously, Kairos is mailing written notice to individuals whose personal information may have been involved. These notices include resources that individuals can reference to further protect their information.

What Individuals Can Do

Individuals who do not receive mailed written notice of this incident but believe they may be affected or who have questions about this incident that are not addressed above may call 888.596.5037, Monday through Friday, between 9:00 AM and 9:00 PM Eastern Time.

About: Kairos Health Arizona, Inc., is an employee benefits pool created exclusively for public entities in Arizona: www.kairoshealthaz.org.

Media Contact

Tanya Edwards, Kairos Health Arizona, Inc., 1 602 845 6153, tanya.edwards@kairoshealthaz.org, www.kairoshealthaz.org

Cision View original content to download multimedia:https://www.prweb.com/releases/data-security-incident---kairos-health-arizona-inc-kairos-302176406.html

SOURCE Kairos Health Arizona, Inc.

Copyright 2024 PR Newswire