Postal Prescription Service Reports Incident Involving Prescription Mail Order Accounts

Rhea-AI Summary

The Postal Prescription Service (PPS) disclosed an internal error on January 10, 2023, where patient names and email addresses were improperly shared with an affiliated grocery business, The Kroger Co. (KR). The data breach affected individuals who created an online PPS account between July 2014 and January 13, 2023. Importantly, no financial or clinical data was disclosed. Kroger is reviewing its procedures to prevent future incidents. Affected individuals have been notified, and customers are encouraged to monitor their accounts for suspicious activity.

Positive

• No financial or clinical information was disclosed.
• Kroger is proactive in reviewing procedures to prevent future occurrences.

Negative

• Patient names and email addresses were improperly shared.
• The incident could impact customer trust.

CINCINNATI, March 10, 2023 /PRNewswire/ -- Healthy Options Inc. d/b/a Postal Prescription Service (PPS) announced today that it discovered on January 10, 2023, that due to an internal error certain patients' names and email addresses were improperly shared with its affiliated grocery business. The names and email addresses were used to create a The Kroger Co. ("Kroger") grocery account for affected individuals. No financial information or clinical information was disclosed. The information disclosed was limited to the patient's first name, last name and email address for patients who created an online PPS account from July 2014 through January 13, 2023, which is when this issue was corrected.

Upon learning of this incident, PPS updated its website to address this problem. Kroger is also reviewing its procedures to evaluate changes to reduce the likelihood of this type of incident from occurring in the future. Please note this incident was not caused by or related to a security incident.

Again, no financial or clinical information was impacted. Kroger has not received any indication that the information was misused because of this incident. However, as a general best practice, customers are encouraged to remain vigilant and monitor their accounts for any suspicious activity, and to report any suspected incidents of fraud to their financial institutions. 

Letters regarding this incident have been sent to affected individuals at the address (mail or email) Kroger has on file. If you are unsure if you were affected by the incident or for questions, please contact Kroger at 1 (877) 551-7953 or via email at gohipaaprivacyline@kroger.com. Additionally, customers may contact the company in writing at The Kroger Co.'s HIPAA Privacy Office, 1014 Vine Street, Cincinnati, OH 45202.

 About Kroger

At The Kroger Co., we are dedicated to our Purpose: To Feed the Human Spirit™. We are, across our family of companies nearly half a million associates who serve over 11 million customers daily through a seamless digital shopping experience and retail food stores under a variety of banner names, serving America through food inspiration and uplift, and creating #ZeroHungerZeroWaste communities by 2025. To learn more about us, visit our newsroom and investor relations site.

View original content to download multimedia:https://www.prnewswire.com/news-releases/postal-prescription-service-reports-incident-involving-prescription-mail-order-accounts-301769020.html

SOURCE The Kroger Co.

FAQ

What incident occurred with Kroger on January 10, 2023?

An internal error at Postal Prescription Service led to improper sharing of patient names and email addresses with Kroger.

Did Kroger's data breach involve financial information?

No, only names and email addresses were shared, with no financial or clinical information disclosed.

What actions is Kroger taking following the data incident?

Kroger is reviewing its procedures to reduce the likelihood of future incidents.

How can affected individuals find out if they were impacted?

Affected individuals were notified via mail or email; they can also contact Kroger for inquiries.