On March 16, 2023, the University of California San Diego Health (“UC San Diego Health,” “UCSD Health”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after being informed by Solv Health that the company used certain tracking technologies without the university’s permission. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to patients’ first and last names, dates of birth, email addresses, IP addresses, third-party cookies and protected health information. After confirming that patient data was leaked, UCSD Health began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you received a data breach notification from the University of California San Diego Health or Solv health, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the UC San Diego Health data breach, please see our recent piece on the topic here.

What We Know So Far About the UC San Diego Health Breach

News of the UC San Diego Health is still fresh; however, what we know at this point comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights, as well as a notice posted on the UCSD Health website.

According to these sources, Solv Health recently informed UCSD Health that it had been using certain analytics tools without UCSD’s permission. Because Solv used these technologies, certain sensitive information belonging to patients was disclosed to unauthorized parties.

Upon discovering that sensitive consumer data was made available to an unauthorized party, UC San Diego Health began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your first and last name, date of birth, email address, IP address, third-party cookies and protected health information.

On March 16, 2023, UC San Diego Health sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. According to the U.S. Department of Health and Human Services Office for Civil Rights, the Solv data breach affected 23,000 UC San Diego Health patients.

Why Did Solv Health Have UCSD Patient Data in Its Possession?

Evidently, Solv Health hosted and managed UC San Diego Health’s scheduling websites for its Express Care and Urgent Care locations. The UCSD Urgent Care is located in La Jolla at 8910 Villa La Jolla Drive. UCSD Express Care locations include:

• Downtown San Diego - 203 West F St.
• Encinitas - 1505 Encinitas Blvd.
• Eastlake/Chula Vista - 2295 Otay Lakes Road, Suite 110
• Pacific Highlands Ranch - 6030 Village Way, Suite 200
• Rancho Bernardo - 16950 Via Tazon

More Information About Solv Health

Solv Health is a healthcare and software company based in San Francisco, California. The company developed a new model of healthcare, attempting to eliminate many of the traditional burdens, such as opaque pricing and long wait times. Solv Health also creates software for providers designed to maximize revenue through marketing and other means. Solv Health employs more than 57 people and generates approximately $23 million in annual revenue.