Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice
Cyberattacks involving unauthorized access to patient information have been reported by Physical Medicine & Rehabilitation Center in New Jersey and Orthopedics Rhode Island.
The Physical Medicine & Rehabilitation Center
In July 2024, the Physical Medicine & Rehabilitation Center in New Jersey experienced a cybersecurity incident that caused disruption to its network. Third-party digital forensics experts were engaged to investigate the incident and confirmed that an unauthorized third party had access to its network from July 8, 2024, to July 9, 2024, and during that time, accessed and potentially acquired files containing patient information.
The types of information involved varied from patient to patient and may have included names along with one or more of the following: address, email address, phone number, date of birth, Social Security number, driver’s license/state ID number, credit/debit card number, treatment/diagnosis information, prescription information, provider name, date of service, patient ID, Medicare/Medicaid number, medical record number, treatment cost information, health insurance policy number, health insurance claim number, and health insurance information.
Passwords were reset, and policies and procedures have been reviewed. Complimentary credit monitoring and identity theft protection services have been offered to the affected individuals. The data breach was recently reported to the Maine Attorney General as affecting 4,083 individuals.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Orthopedics Rhode Island
Orthopedics Rhode Island, Inc. is currently investigating a September 2024 data security incident involving unauthorized access to its network. Suspicious network activity was identified on September 7, 2024, and the forensic investigation confirmed there had been unauthorized access to its network from September 4 to September 8, 2024.
The affected systems contained information such as names, addresses, dates of birth, billing and claims information, health insurance claims information, diagnoses, medications, test results, x-ray images, and other treatment information. Orthopedics Rhode Island said it is unaware of any misuse of that information but has advised all affected individuals to be vigilant against identity theft and fraud. The breach was initially reported to the HHS’ Office for Civil Rights using a placeholder figure of 500 individuals, which was later updated to 377,731 individuals.
