Skip to main content

Ballad Health – Notice of Data Privacy Incident

One of the highest priorities of Ballad Health is the protection of each patient’s privacy. Ballad Health’s policies and procedures are designed to ensure access to each patient’s personal information is protected and only made available to individuals for appropriate purposes. Additionally, Ballad Health has deployed industry leading practices and technology to protect patient information from cyber threats. However, given the risk of cyber incidents, if there is a chance that patient care information could be compromised, it is important for a patient to be made aware as quickly as possible. Ballad Health is providing notice of a recent incident that may impact the privacy of some personal and/or medical information. Ballad Health is unaware of any misuse of individual information and is providing this notice out of an abundance of caution.

What Happened?

On or about January 13, 2022, Ballad Health became aware of unusual activity related to an employee’s email account. Ballad Health immediately began an investigation to help better understand the nature and scope of this activity, and on February 17, 2022, it was determined that the employee’s Ballad Health email account was accessed without authorization for a limited amount of time. It was not possible to determine exactly which email messages or attachments may have been accessed or viewed without authorization. In an abundance of caution, a detailed and thorough programmatic and manual review of the contents of the email account was performed to determine whether sensitive information was contained in any of the email messages or attachments within this employee’s Ballad Health account. Upon receiving the results of the detailed review of the email contents on March 16, 2022, Ballad Health worked diligently to locate address information for the affected individuals and just recently completed that effort.

What Information Was Involved?

The types of personal information that may have been accessible to the unauthorized actor include: name, date of birth, medical history, medical condition or treatment information, medical record number, diagnosis code, and patient account number.

What We Are Doing.

Ballad Health takes this incident and the security of personal information in its care seriously. Upon learning of the suspicious activity through Ballad Health’s surveillance activity, Ballad Health’s team immediately took steps to investigate the scope of the event. Security measures have been taken to secure the employee’s email account, including issuing a new password, and Ballad Health continues to educate the workforce on the importance of security measures each person must take to protect access to the Ballad Health email system.

In addition, Ballad Health is notifying relevant state and federal regulators to ensure awareness of the incident.

What You Can Do.

Although no social security numbers were included in the information that may have been accessed, Ballad Health encourages potentially impacted individuals to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and explanations of benefits. Any suspicious activity should be reported to the appropriate insurance company, health care provider, or financial institution.

For More Information.

Individuals seeking additional information regarding this incident can call Ballad Health’s dedicated, toll-free number at 855-482-1570, Monday through Friday 8:00 a.m. to 5:30 p.m. Central Time (excluding some U.S. Holidays). Individuals may also write to Ballad Health’s Privacy Officer at 1019 W. Oakland Avenue, Suite 4, Johnson City, Tennessee 37604. Additional resources available to individuals can be found below.

Ballad Health is committed to safeguarding personal information and will continue its ongoing efforts to enhance the protections in place to secure the information in its care.

Best Practices

Although Ballad Health is unaware of any misuse of personal information as a result of this incident, individuals are encouraged to remain vigilant against incidents of identity theft and fraud, to review account statements and explanation of benefits, and to monitor credit reports for suspicious activity and to detect errors. Under U.S. law, you are entitled to one free credit report annually from each of the three major credit reporting bureaus. To order your free credit report, visit or call, toll-free, 1-877-322-8228. You may also contact the three major credit bureaus directly to request a free copy of your credit report.

Consumers have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a one-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact any one of the three major credit reporting bureaus listed below.

Equifax Fraud Alert, P.O. Box 105069 Atlanta, GA 30348-5069

Experian Fraud Alert, P.O. Box 9554, Allen, TX 75013

TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016

You may further educate yourself regarding identity theft, fraud alerts, credit freezes, and the steps you can take to protect your personal information by contacting the consumer reporting bureaus, the Federal Trade Commission, or your state Attorney General. The Federal Trade Commission may be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580;; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. You can obtain further information on how to file such a complaint by way of the contact information listed above. You have the right to file a police report if you ever experience identity theft or fraud. Please note that in order to file a report with law enforcement for identity theft, you will likely need to provide some proof that you have been a victim. Instances of known or suspected identity theft should also be reported to law enforcement and your state Attorney General. This notice has not been delayed by law enforcement.

If your username and password were impacted, it is recommended that you promptly change your password and security question and answer, as applicable, or take other steps appropriate to protect the potentially accessibly online account information and all other online accounts for which the same username, email address, password, and security question and answer are used.