Notice of Data Security Incident

Valley Oaks Health Provides Notice of Data Security Incident

 Lafayette, IN The privacy and security of your personal information we maintain is of the utmost importance to Valley Oaks Health. On March 18, 2024, Valley Oaks Health notified certain individuals about a data security incident that impacted their personal and health information.


Valley Oaks Health learned that an unauthorized actor gained access to portions of Valley Oaks’ network environment between June 8, 2023 to June 13, 2023. Upon learning of the issue, Valley Oaks immediately commenced a prompt and thorough investigation. As part of the investigation, Valley Oaks has been working very closely with external cybersecurity professionals experienced in handling these types of incidents. After an extensive forensic investigation and manual document review, Valley Oaks discovered on February 2, 2024 that the accessed and acquired files contained personal and protected health information, including full names, Social Security numbers, medical treatment information, and health insurance information, dates of birth, clinical information, and patient account number.


Valley Oaks has no evidence that any of the information has been misused. Nevertheless, out of an abundance of caution, Valley Oaks is providing notice to the individuals whose information was potentially involved. Notified individuals may take precautionary measures to protect their information, including placing a Fraud Alert and Security Freeze on credit files, and obtaining a free credit report. Where applicable, Valley Oaks is providing credit monitoring services to individuals who have their Social Security number involved. Individuals should also remain vigilant in reviewing their financial and explanation of benefits statements and report any suspicious activity.


Valley Oaks is committed to maintaining the privacy of personal information in our possession and have taken many precautions to safeguard it. Valley Oaks continually evaluates and modifies our practices and internal controls to enhance the security and privacy of your personal information.


If you think you may have been impacted and did not receive a notification letter, or have any further questions regarding this incident, please call our dedicated response line at 1-888-844-0232. The response line is available Monday through Friday, 9 am – 9 pm Eastern Time.


  1. Placing a Fraud Alert on Your Credit File.

You may place an initial one-year “Fraud Alert” on your credit files, at no charge. A fraud alert tells creditors to contact you personally before they open any new accounts. To place a fraud alert, call any one of the three major credit bureaus at the numbers listed below. As soon as one credit bureau confirms your fraud alert, they will notify the others. 


P.O. Box 105069

Atlanta, GA 30348-5069

Website Link

(800) 525-6285


P.O. Box 9554

Allen, TX 75013

Website Link

(888) 397-3742


Fraud Victim Assistance Department

P.O. Box 2000

Chester, PA 19016-2000

Website Link

(800) 680-7289

  1. Consider Placing a Security Freeze on Your Credit File.

If you are very concerned about becoming a victim of fraud or identity theft, you may request a “Security Freeze” be placed on your credit file, at no charge. A security freeze prohibits, with certain specific exceptions, the consumer reporting agencies from releasing your credit report or any information from it without your express authorization. You may place a security freeze on your credit report by contacting all three nationwide credit reporting companies at the numbers below and following the stated directions or by sending a request in writing, by mail, to all three credit reporting companies:

Equifax Security Freeze

P.O. Box 105788         

Atlanta, GA 30348  

Website Link



Security Freeze    

P.O. Box 9554          

Allen, TX 75013

Website Link


TransUnion Security Freeze 

P.O. Box 2000

Chester, PA 19016

Website Link


In order to place the security freeze, you’ll need to supply your name, address, date of birth, Social Security number and other personal information. After receiving your freeze request, each credit reporting company will send you a confirmation letter containing a unique PIN (personal identification number) or password. Keep the PIN or password in a safe place. You will need it if you choose to lift the freeze.


If your personal information has been used to file a false tax return, to open an account or to attempt to open an account in your name or to commit fraud or other crimes against you, you may file a police report in the City in which you currently reside.


If you do place a security freeze prior to enrolling in the credit monitoring service as described above, you will need to remove the freeze in order to sign up for the credit monitoring service. After you sign up for the credit monitoring service, you may refreeze your credit file. 


  1. Obtaining a Free Credit Report.


Under federal law, you are entitled to one free credit report every 12 months from each of the above three major nationwide credit reporting companies. Call 1-877-322-8228 or request your free credit reports online at Once you receive your credit reports, review them for discrepancies. Identify any accounts you did not open or inquiries from creditors that you did not authorize. Verify all information is correct. If you have questions or notice incorrect information, contact the credit reporting company.

  1. Additional Helpful Resources.


Even if you do not find any suspicious activity on your initial credit reports, the Federal Trade Commission (FTC) recommends that you check your credit reports periodically. Checking your credit report periodically can help you spot problems and address them quickly.


If you find suspicious activity on your credit reports or have reason to believe your information is being misused, call your local law enforcement agency and file a police report. Be sure to obtain a copy of the police report, as many creditors will want the information it contains to absolve you of the fraudulent debts. You may also file a complaint with the FTC by contacting them on the web at, by phone at 1-877-IDTHEFT (1-877-438-4338), or by mail at Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580. Your complaint will be added to the FTC’s Identity Theft Data Clearinghouse, where it will be accessible to law enforcement for their investigations. In addition, you may obtain information from the FTC about fraud alerts and security freezes.


We also recommend that you contact your financial institution to inquire about steps to take to protect your account, including whether you should close your account or obtain a new account number.

  1. Protecting Your Medical Information.


We have no information to date indicating that your medical information involved in this incident was or will be used for any unintended purposes. As a general matter, however, the following practices can help to protect you from medical identity theft.


  • Only share your health insurance cards with your health care providers and other family members who are covered under your insurance plan or who help you with your medical care. 


  • Review your “explanation of benefits statement” which you receive from your health insurance company. Follow up with your insurance company or care provider for any items you do not recognize. If necessary, contact the care provider on the explanation of benefits statement and ask for copies of medical records from the date of the potential access (noted above) to current date.


  • Ask your insurance company for a current year-to-date report of all services paid for you as a beneficiary. Follow up with your insurance company or the care provider for any items you do not recognize.

Now Offering Primary Medical Care!

This is where a journey to better health begins; primary care includes routine examinations, general health advice, and early detection of potential problems.