RevSpring, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

RevSpring, Inc., a company based in Nashville, Tennessee, experienced a data breach between October 24 and October 26, 2023. The breach was discovered on October 26, 2023. This incident affected a total of 1,706 individuals, including 3 residents of Maine. The breach involved a mismatch of patient statements, where no external disclosure occurred, but information was viewable by a limited set of different patients. The compromised information included names or other personal identifiers in combination with other sensitive data. In response to the breach, RevSpring provided 12 months of credit monitoring services to the affected individuals. Notifications to consumers were made in writing on December 20, 2023[1].

Additionally, the U.S. Department of Health and Human Services Office for Civil Rights Breach Portal listed an unauthorized access/disclosure incident involving RevSpring, Inc. on December 22, 2023, affecting 1,053 individuals. This incident was categorized under “Unauthorized Access/Disclosure” on a network server, indicating that a business associate was present during the breach[3].

RevSpring, Inc. is known for its services in precise consumer engagement and payments, leveraging data analytics to tailor engagement workflows to individual circumstances and preferences. The company serves North America’s leading healthcare organizations, revenue cycle management, and accounts receivables management companies, aiming to maximize financial results through dynamic and personalized communications and payment options[2].

For further details on RevSpring’s privacy practices and commitment to securing user information, their Privacy Policy outlines the types of information collected, how it is used, shared, and the measures taken to protect it. Despite these efforts, no security system is impenetrable, and RevSpring acknowledges the possibility of security breaches[5].

Citations:

  1. https://apps.web.maine.gov/online/aeviewer/ME/40/816d2b14-0003-4dce-bae5-c87666321ea9.shtml
  2. https://revspringinc.com
  3. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  4. https://www.huntsvillehospital.org/patients-visitors/pay-a-bill
  5. https://revspringinc.com/privacy-policy/
  6. https://www.availity.com
  7. https://revspringinc.com/terms-of-use/
  8. https://www.viveevent.com
  9. https://revspringinc.com/terms-and-conditions/
  10. https://www.taylor.com
  11. https://www.healthcareitnews.com/news/list-biggest-hipaa-data-breaches-2009-2015
  12. https://www.healthcareitnews.com/news/best-klas-2024-shows-vendors-being-more-proactive-their-clients
  13. https://h1bgrader.com/h1b-sponsors/revspring-inc-6g06n54ykq/lca/2023/lca-details/I-200-22335-615008
  14. https://www.buffalomedicalgroup.com
  15. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
  16. https://www.zoominfo.com/c/revspring-payments-inc/356999639
Breach Submission Date Dec 22, 2023
Converted Entity Name RevSpring, Inc.
Converted Entity Type Business Associate
State TN
Individuals Affected 1,053
Breach Type Unauthorized Access/Disclosure

Breach Information Location Network Server

Business Associate Present Yes