Florida Digestive Health Specialists Suffers Data Security Incident Involving Protected Health Information
In a December 27, 2021 “Notice of Data Breach,” Florida Digestive Health Specialists, LLP (“FDHS”) notified consumers that “[o]n December 16, 2020, an employee noted suspicious activity within their FDHS email account that resulted in suspicious emails having been sent from their employee account. Several days later, on December 21, 2020, FDHS learned that funds had been misrouted to an unknown bank account.”
The “Notice of Data Breach” stated that its investigation of the data breach “. . . found that a limited number of FDHS employee email accounts had been accessed by unauthorized users. [The] investigation was involved and, though access was confined to a limited number of FDHS email accounts, those accounts were voluminous. FDHS investigated those email accounts to determine what information was found in those accounts, whether it constituted personal information, protected health information, or other confidential information, and to whom that information belonged. This process took a considerable amount of time and only concluded on November 19, 2021.”
According to the data breach notice, “[t]he categories of PHI present in the posted data set include . . . first and last name, address, date of birth, Social Security number, financial information, health insurance information, medical information, diagnosis, health insurance individual policy number, and Medicare/Medicaid information.” [Emphasis added.]
The total number of persons affected, according to the Office Of The Maine Attorney General, is 212,509.
To view the data breach notice, please click “FDHS Notice of Data Breach.”
Have You Been Impacted by A Data Breach?
If so, please complete the form on the right or contact Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected], for a free, no-obligation evaluation of potential legal claims.
Examples of the type of relief sought by data privacy class actions, include, but are not limited to, reimbursement of identity theft losses and of out-of-pocket costs paid by data breach victims for protective measures such as credit monitoring services, credit reports, and credit freezes; compensation for time spent responding to the breach; imposition of credit monitoring services and identity theft insurance, paid for by the defendant company; and improvements to the defendant company’s data security systems.
Data privacy class actions are brought on a contingent-fee basis; thus, plaintiffs and the class members do not pay out-of-pocket attorney’s fees or litigation costs. Subject to court approval, attorney’s fees and litigation costs are derived from the recovery obtained for the class.