Nuvance Health Addresses Blackbaud Data Security Incident

Posted: 1/7/2021

Nuvance Health announced today that it is mailing letters to its donors and patients advising them of a data security incident that occurred at one of its vendors, Blackbaud, Inc. (“Blackbaud”). Blackbaud is a third-party vendor that provides customer relationship management and financial services tools for fundraising purposes to thousands of schools, non-profits and health systems, including the health system’s related Foundations.

On July 16, 2020, Blackbaud informed the health system it had discovered that unauthorized individual(s) had gained access to Blackbaud’s systems between February 7 and May 20, 2020. Blackbaud further advised that the unauthorized individual(s) acquired backup copies of databases used by its customers, including a backup of the database the health system’s related Foundations use for fundraising purposes. Once informed, the health system immediately took steps to understand the extent of the incident and the data involved.

Based on the health system’s review of the affected database, it has reason to believe that it contained information belonging to some health system patients, including names, contact information, ages, gender, dates of birth, admission dates, departments of treatment, treating physicians, and health insurance statuses.

Importantly, no financial information—including credit card or bank account information—was affected by this incident. Also, this data security incident did not involve any access to the health system’s medical record.

The health system has established a dedicated call center to answer any questions about this incident, at 1-866-968-0208, from 8:00 a.m. to 5:30 p.m. Central Time, Monday through Friday, excluding major U.S. holidays. At this time, there is no evidence that the information involved in the incident has been misused. However, for any affected patients, the health system recommends you review the statements you receive from your healthcare providers. If you see services you did not receive, please contact the provider that issued the statement immediately.

Ensuring the privacy and security of our patient information is of the utmost importance to us; we deeply regret any concern or inconvenience this incident may cause and are grateful for your continued support and engagement. To help prevent something like this from happening again, we are reevaluating our relationship with Blackbaud and closely monitoring its continued updates and the security measures it implemented in response to the incident.

Top News


Nuvance Health knows there is excitement about COVID-19 vaccines, and those who want one are wondering when and how to schedule an...
  Eight months after an anonymous benefactor called on the region to raise $1 million for Sharon Hospital’s COVID-19 and emer...