Notice of Data Security Incident

Baylor Genetics Notifies Patients of Data Security Incident

Effective Date: August 14, 2020

Baylor Genetics is committed to maintaining the privacy and security of information. Baylor Genetics recently notified individuals of a data security incident involving access to certain employee email accounts by an unauthorized third-party.

Upon learning of this issue, Baylor Genetics promptly disabled access to the impacted email accounts and required mandatory password resets to prevent further access by unauthorized parties. Baylor Genetics immediately commenced a prompt and thorough investigation, working closely with external cybersecurity professionals. After an extensive forensic investigation and comprehensive and time-consuming manual document review, we discovered on July 16, 2020 that one or more of the email accounts accessed between September 24, 2019 and November 14, 2019 contained identifiable personal and/or protected health information. Baylor Genetics has no evidence to suggest that any data is misused or otherwise in the possession of someone it should not be. However, out of an abundance of caution, we are issuing notices to anyone whose information may have been contained in the accessed accounts.

The accessed email accounts contained the personal and protected health information of certain patients, including their names, dates of birth, test orders, patient account numbers unique to Baylor Genetics, and, in a very limited number of cases, Social Security numbers, financial account information, driver’s license numbers, and passport numbers.  Test results were not contained in the impacted email accounts. This incident does not affect all patients of Baylor Genetics.

Baylor Genetics is sending notification letters to all affected patients for whom we have enough information to determine a physical address. Notified patients should monitor insurance statements for any transactions related to care or services that have not actually been received. For the very limited number of individuals whose Social Security numbers were impacted, complimentary credit monitoring is being offered for twelve (12) months.

Since the date of this incident, Baylor Genetics has taken significant measures to improve its technical safeguards in order to minimize the risk of a similar incident in the future, including improving its multi-factor authentication software and providing additional training and education to Baylor Genetics employees on identification and handling of malicious emails.

For further questions or additional information regarding this incident, or to determine if you may be impacted, Baylor Genetics has set up a dedicated toll-free response line for patients to ask questions. The response line can be contacted at (866) 925-2017 and is available Monday through Friday, 8:00 a.m. to 5:30 p.m. Central Time.

About Baylor Genetics:

Baylor Genetics is a joint venture of H.U. Group Holdings, Inc. and Baylor College of Medicine, including the #1 NIH-funded Department of Molecular and Human Genetics. Located in Houston’s Texas Medical Center, Baylor Genetics provides specialized genetic and infectious disease testing solutions for clients in 50 states and 16 countries.

Learn more about Baylor Genetics at www.baylorgenetics.com.