Postal Prescription Service Reports Incident Involving Prescription Mail Order Accounts

Healthy Options Inc. d/b/a Postal Prescription Service (PPS) announced today that it discovered on Jan. 10, 2023, that due to an internal error certain patients’ names and email addresses were improperly shared with its affiliated grocery business. The names and email addresses were used to create a The Kroger Co. (“Kroger”) grocery account for affected individuals. No financial information or clinical information was disclosed. The information disclosed was limited to the patient’s first name, last name and email address for patients who created an online PPS account from July 2014 through Jan. 13, 2023, which is when this issue was corrected.

Upon learning of this incident, PPS updated its website to address this problem. Kroger is also reviewing its procedures to evaluate changes to reduce the likelihood of this type of incident from occurring in the future. Please note this incident was not caused by or related to a security incident.

Again, no financial or clinical information was impacted. Kroger has not received any indication that the information was misused because of this incident. However, as a general best practice, customers are encouraged to remain vigilant and monitor their accounts for any suspicious activity and to report any suspected incidents of fraud to their financial institutions.

Letters regarding this incident have been sent to affected individuals at the address (mail or email) Kroger has on file. If you are unsure if you were affected by the incident or for questions, please contact Kroger at 1 (877) 551-7953 or via email at gohipaaprivacyline@kroger.com. Additionally, customers may contact the company in writing at The Kroger Co.’s HIPAA Privacy Office, 1014 Vine Street, Cincinnati, OH 45202.