Cancer and Hematology Centers of Western Michigan

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The Cancer & Hematology Centers of Western Michigan (CHCWM) experienced a ransomware attack that resulted in unauthorized access to certain information pertaining to patients and employees. The breach was confirmed by CHCWM, which is a physician-owned oncology and hematology practice based in Grand Rapids, Michigan, operating five health centers and five regional clinics throughout western Michigan[1].

The compromised information for employees may include Social Security numbers and bank account details, while for patients, it may include parts of their health records. Following the incident, CHCWM began sending out data breach notification letters to affected individuals on March 18, 2022[1].

The breach affected as many as 43,071 individuals, making it one of the significant health care data breaches in Michigan[11]. Despite the breach, CHCWM has continued to expand its services, including opening a new clinic in Big Rapids[2][4][6].

A proposed class action lawsuit alleging negligence by CHCWM in connection with the data breach was filed by plaintiff Bridget Shepherd. However, the lawsuit was dismissed as Shepherd did not have standing because her data was not compromised in the breach[3][7].

In the wake of the breach, CHCWM and other organizations that store consumer data have a legal obligation to ensure the privacy of this information. The United States data breach laws allow consumers to pursue civil data breach claims against organizations that fail to protect their data[1].

For those affected by the breach, it is recommended to monitor credit reports and financial accounts regularly for signs of unauthorized activity or fraud, and to consider placing a credit freeze on accounts to prevent the opening of new credit/financial accounts[1].

Citations:

  1. https://www.jdsupra.com/legalnews/data-breach-alert-cancer-hematology-9717181/
  2. https://www.crainsgrandrapids.com/news/health-care/oncology-practice-considers-additional-expansion-after-opening-big-rapids-clinic/
  3. https://news.bloomberglaw.com/litigation/michigan-cancer-center-beats-class-suit-over-2021-data-breach
  4. https://www.bigrapidsnews.com/news/article/cancer-hematology-centers-opens-facility-big-18179384.php
  5. https://www.dataguidance.com/news/usa-cancer-hematology-centers-western-michigan-notifies
  6. https://www.crainsgrandrapids.com/news/health-care/grand-rapids-oncology-practice-expands-to-big-rapids/
  7. https://unicourt.com/case/pc-db5-shepherd-v-cancer-hematology-centers-of-western-michigan-pc-1261350
  8. https://www.prnewswire.com/news-releases/oneoncology-partners-continue-growth-by-adding-practices-to-national-platform-302005223.html
  9. https://www.linkedin.com/posts/shuxley_securityfirst-databreach-grandrapids-activity-7107753620250513408-gLEm
  10. https://www.ajmc.com/view/enhancing-oncology-model-attracts-key-practices-leaders-who-had-success-in-the-ocm
  11. https://stacker.com/michigan/biggest-health-care-data-breaches-you-should-know-about-michigan
  12. https://www.crainsdetroit.com/politics-policy/bid-cap-prescription-drug-costs-advances-not-without-opposition
  13. https://www.hipaajournal.com/ransomware-gangs-claim-health-plan-and-healthcare-provider-attacked/
  14. https://www.news-medical.net/news/20230531/Breast-cancer-patients-experience-more-severe-CIPN-symptoms-with-paclitaxel.aspx
  15. https://www.crainsgrandrapids.com/news/health-care/regional-cancer-network-names-new-director/
Breach Submission Date Mar 18, 2022
Converted Entity Name Cancer and Hematology Centers of Western Michigan
Converted Entity Type Healthcare Provider
State MI
Individuals Affected 43,071
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes