Centerstone patients, employees impacted by data breach

NASHVILLE, TN (WSMV) -  A not-for-profit health system in Tennessee is notifying current and former patients and employees that their personal and protected health information could have been accessed without their authorization during a data breach. 

The investigation into the "IT security incident" started after an employee for Centerstone of Tennessee, Inc. noticed "unusual activity" involving their email account. 

Centerstone said an independent computer forensics firm found certain current and former Centerstone patients and employees' personal information was "accessed or acquired without authorization." 

This incident happened between December 12 and December 16, 2019.

The following information may have been involved in the incident:

  • name
  • date of birth 
  • Social Security number
  • driver's license or state identification card number
  • medical diagnosis or treatment information
  • Medicaid and/or Medicare information
  • health insurance information 

At this time, Centerstone said there "is no evidence of the misuse of any information potentially involved in this incident." 

“Centerstone takes the security of patient and employee information very seriously and is taking steps to prevent a similar event from occurring in the future,” David C. Guth, Jr, chief executive officer at Centerstone, said in a statement on Friday.

Centerstone said their representatives started notifying "potentially impacted individuals" on Thursday.

"We are immediately investing more than $800,000 dollars to upgrade IT security infrastructure, including new software applications and security appliances,” Guth said. 

Centerstone setup a toll-free call center to answer questions from those involved in the incident. The center is taking calls Monday through Friday from 8 a.m. to 8 p.m. at (833) 752-0854.

"We're also working with independent advisors to conduct a security audit and gap assessment to determine if there are other areas where we have an opportunity to make further security improvements. Further, we are evaluating internal policies and procedures and conducting additional staff training around IT security,” Guth said. 

Centerstone is offering "potentially impacted individuals" complimentary credit monitoring and identity theft restoration services.

"Centerstone recommends that individuals enroll in the services provided and follow the recommendations contained within the notification letter to ensure their information is protected," the company said in a statement on Friday.

Centerstone provides mental health and substance use disorder treatments. is now with you on the go! Get the latest news updates and video, 4WARN weather forecast, weather radar, special investigative reports, sports headlines and much more from News4 Nashville.

>> Click/tap here to download our free mobile app. <<

Copyright 2020 WSMV (Meredith Corporation). All rights reserved.


Recommended for you

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.