Scotland Health is committed to protecting the confidentiality and security of its patients’ information. Cerner, now part of
Oracle Health, a third-party electronic health record (EHR) vendor used by many health care providers nationwide, recently
notified us that certain of our patient information was impacted in a security incident that occurred on Cerner’s systems. For
clarity, this incident did not involve access to, nor was it a failure of, Scotland Health’s systems.
While we no longer utilize Cerner as a primary EHR provider, certain sites within our system historically used Cerner
systems. As part of our transition to other EHR vendors, Cerner has assisted in migrating patient records from legacy Cerner
systems and remains responsible for storing and protecting personal and medical information of our patients in carrying out
such assistance. Unfortunately, Cerner informed us that the incident impacted certain information being maintained and
migrated by Cerner relating to certain patients who received care from Scotland Health before February 4, 2019.
What happened?
Based on information provided to us by Cerner, Cerner became aware of a security incident in February 2025, in which an
unauthorized third party gained access to certain legacy Cerner systems. Cerner contacted law enforcement, engaged
cybersecurity specialists, began an investigation and initiated its critical incident response process, including taking steps
to secure the impacted systems. Through this investigation, Cerner determined that the unauthorized actor had gained
access to some Cerner systems at least as early as January 22, 2025.
Due to the complexity of the investigation and the nature of the data involved, Cerner only recently notified us that some of
our patients’ information was likely impacted. Upon receiving such notice, we promptly began investigating the incident to
determine the scope of impact to our patients, concluding our review on March 17, 2026.
What information was involved?
For Scotland Health patients who received care before February 4, 2019, certain patient information may have been
impacted: patient name, address, date of birth, medical record number, providers, diagnoses, medications, test results,
images and other information included with patient medical records, including, in very limited instances, Social Security
numbers.
To the best of Cerner’s knowledge, only twenty individuals’ Social Security numbers were impacted by this
incident.
Moreover, to the best of Cerner’s knowledge, this incident did not involve access to credit card information or bank
account information.
What are we doing?
While Scotland Health’s systems were not affected by this breach, we have taken steps to address the situation and prevent
future occurrences. We promptly engaged our privacy and cybersecurity teams to investigate the incident and have worked
closely with Cerner to determine the scope of the breach and identify potentially impacted patients.
Cerner indicated it has taken remedial steps designed to prevent this kind of event from happening again, including, but not
limited to, enhanced technical protections and increased monitoring.
Importantly, Cerner reported that it is not aware of any evidence to suggest there has been identity theft or fraud related to
Scotland Health patient data. However, as a precaution, we are notifying potentially impacted patients by this publication.
Cerner is also mailing notification letters that offer complimentary two-year credit monitoring to our patients identified through
Cerner’s review for whom we have sufficient contact information.
What can you do?
We encourage all patients to routinely check their accounts and consider using publicly available security services to help
protect their identities from fraud. Federal regulatory agencies recommend remaining vigilant for 12 to 24 months following
a potential exposure of personal information. The notification letter includes guidance and additional information on general
steps people can take to monitor and protect their personal information.
For more information
Cerner has established a dedicated, toll-free call center at 833-549-2141 to answer questions from those who were
potentially impacted. The call center is available Monday through Friday from 9 a.m. to 9 p.m. Eastern Time, excluding major
U.S. holidays. Callers will be asked for an engagement number, which is B164750.
We apologize for any concern or inconvenience this may have caused. We remain committed to protecting the confidentiality
and security of our patients’ information and to working closely with our vendors to ensure they uphold our high standards
for privacy protection. We have enhanced and will continue to enhance our security and vendor controls, as appropriate, to minimize
the risk of similar situations in the future.
Frequently Asked Questions
1. What happened?
Cerner reported that it became aware of a security incident in February 2025, in which an unauthorized third party
gained access to certain legacy Cerner systems. Cerner contacted law enforcement, engaged cybersecurity
specialists, began an investigation and initiated its critical incident response process, including taking steps to
secure the impacted systems. Through this investigation, Cerner determined that the unauthorized actor had gained
access to some Cerner systems at least as early as January 22, 2025.
Due to the complexity of the investigation and the nature of the data involved, Cerner only recently notified us that
some of our patients’ information was likely impacted. Upon receiving such notice, we promptly began investigating
the incident to identify impacted patients.
For clarity, this incident did not involve access to, nor was it a failure of, Scotland Health’s systems.
2. What personal information of mine may have been affected?
The incident may have impacted information of certain patients who received care from Scotland Health before
February 4, 2019. The impacted information for our patients varied by individual but may have included patient
name, address, date of birth, medical record number, providers, diagnoses, medications, test results, images and
other information included with patient medical records, including, in very limited instances, Social Security
numbers.
To the best of Cerner’s knowledge, this incident did not involve access to credit card information or bank
account information.
3. What have you done to keep something like this from happening again?
While our systems were not affected by this breach, we have taken steps to address the situation and prevent future
occurrences. We promptly engaged our privacy and cybersecurity teams to investigate the incident and have
worked closely with Cerner to determine the scope of the breach and identify potentially impacted patients.
Furthermore, Cerner indicated it has taken remedial steps designed to prevent this kind of event from happening
again, including, but not limited to, enhanced technical protections and increased monitoring.
4. Why does Cerner have my information?
Cerner, now part of Oracle Health, is a third-party electronic health record (EHR) vendor used by many health care
providers nationwide. While we no longer utilize Cerner as a primary EHR provider, certain sites within our system
historically used Cerner systems. As part of our transition to other EHR vendors, Cerner has assisted in migrating
patient records from legacy Cerner systems and remains responsible for storing and protecting personal and
medical information of our patients in carrying out such assistance.
5. What can I do now?
We encourage all patients to routinely check their accounts and consider using publicly available security services
to help protect their identities from fraud. Federal regulatory agencies recommend remaining vigilant for 12 to 24
months following a potential exposure of personal information. The notification letter includes guidance and
additional information on general steps people can take to monitor and protect their personal information.