ConsensioHealth, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

ConsensioHealth, LLC, a Wisconsin-based medical management services company, experienced a significant data breach that was reported to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) on January 4, 2024[1][6]. The breach was identified on July 3, 2023, when unauthorized access to ConsensioHealth’s computer systems led to the compromise of sensitive personal information belonging to nearly 60,871 patients[1][3][5][6][7].

The compromised data included a range of sensitive and confidential information such as names, addresses, dates of birth, Social Security numbers, driver’s license or state identification numbers, medical record numbers, medical information (including diagnosis, diagnosis code, mental/physical condition, prescription information, and provider’s name and location), and health insurance information (including beneficiary number, subscriber number, Medicaid/Medicare identification)[1][3][5][6][7].

ConsensioHealth began sending out data breach notification letters to affected individuals, advising them of the breach and their legal rights[1][3][5][6]. The breach has led to investigations by law firms like Markovits, Stock & DeMarco, LLC, and Turke & Strauss LLP, which are exploring the possibility of a class action lawsuit to recover compensation for those affected by the breach[1][3][5].

Affected healthcare providers include Emergency Medicine Specialists, S.C., Ascension Wisconsin, Wisconsin Urgent Care, and Kenosha Urgicare[1][3]. Patients of these providers who received a notice of the data breach are encouraged to contact the investigating law firms to learn more about their rights and potential legal remedies[1][3][5].

ConsensioHealth offers a range of services to medical providers, including revenue cycle and practice management services, coding and claims management, practice data analytics, payor relations and reimbursement optimization services, financial and accounting services, human resources outsourcing, and physician education[5]. The company also provides a comprehensive technology platform called SensER, which integrates all practice data streams and produces customizable reporting[5].

In response to the breach, ConsensioHealth secured its network, notified law enforcement, and launched an investigation with the help of outside cybersecurity specialists[6]. The company has also provided suggestions for affected individuals to protect their personal information, such as changing passwords and security questions, monitoring account statements and credit reports, and contacting credit bureaus to request a fraud alert[5][7].

Citations:

  1. https://www.msdlegal.com/blog/2024/01/consensiohealth-llc-data-breach-class-action-lawsuit-investigation/
  2. https://www.linkedin.com/company/emergency-medicine-specialists-s-c
  3. https://www.classaction.org/data-breach-lawsuits/consensiohealth-llc-january-2024
  4. https://www.linkedin.com/in/krissy-bastian-2169b0b5
  5. https://www.turkestrauss.com/2024/01/08/consensiohealth-data-breach-investigation/
  6. https://www.jdsupra.com/legalnews/consensiohealth-experiences-data-breach-3711967/
  7. https://k1intelligence.com/consensiohealth-suffers-data-breach-key-facts-and-protective-steps/
  8. https://uk.linkedin.com/company/consensio
  9. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  10. https://www.linkedin.com/in/cherylmarchek
  11. https://consensiohealth.com
  12. https://colevannote.com/investigations/
  13. https://blackkite.com/data-breaches-caused-by-third-parties/
  14. https://www.itgovernanceusa.com/blog/cyber-security-and-data-privacy-in-the-usa-january-1-7-2024
  15. https://consensiohealth.com/terms-of-use/
Breach Submission Date Jan 04, 2024
Converted Entity Name ConsensioHealth, LLC
Converted Entity Type Business Associate
State WI
Individuals Affected 60,871
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes