HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

American Optometric Association Warns Optometrists of Credit Fraud Risk

The American Optometric Association (AOA) has warned optometrists and students to take steps to reduce the risk of credit damage and fraud.

A number of optometrists and optometry students have reported receiving Chase Amazon credit cards in the mail, even though they did not apply for new credit accounts. Some individuals with credit alerts on their accounts have also reported being contacted by credit reference agencies to alert them to failed attempts to open credit accounts in their names. The high number of reports suggest that a data breach has occurred, although at this stage it is unclear which organization has been attacked.

Reports of credit card fraud and other fraudulent activity started circulating on August 2, 2016. AOA contacted both the Federal Bureau of Investigation and the Federal Trade Commission for further information. The AOA also conducted an investigation to determine whether cyberattackers had succeeded in infiltrating its network and accessing its databases.

That investigation has now been completed and AOA is certain that its network remains secure and that it was not the source of the breach. Many of the individuals that received credit cards or had applications declined were not present in its database. The AOA also confirmed that Social Security numbers are not stored in its databases.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Other associations have similarly performed analyses of their networks and data access logs to determine whether they had been attacked. So far, the American Academy of Optometry (AAO) and the National Board of Examiners in Optometry (NBEO) have completed internal investigations and have confirmed that their networks have not been infiltrated.  The Association for Schools and Colleges of Optometry (ASCO) also conducted an investigation and confirmed that its systems had not been breached. A review of its third party vendors was also conducted, but their databases were found to be secure with no external access discovered. However, the attackers have obtained data from somewhere, but the source of the data remains a mystery.

Optometrists and optometry students have been warned to be on high alert and have been advised to take steps to protect their credit. A credit report should be obtained from one of the three main credit agencies – Experian, Equifax, or Transunion – and the reports should be scrutinized for signs of fraudulent activity. A credit report can be obtained without charge every 12 months. A report can also be obtained from each of the other two agencies. Spreading out the reports will allow individuals to monitor their credit for a longer period without charge.

A credit freeze can also be placed on accounts by containing the credit agencies. This will ensure that credit cannot be taken out in individuals’ names. Alternatively, placing credit alerts on accounts will ensure that individuals are notified if an application for credit is received.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.