Posted On May 26, 2022 Consumer Privacy & Data Breaches
May 25, 2022 – Allwell Behavioral Health Services (“Allwell”) reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, patients’ names, dates of birth, Social Security numbers, phone numbers, treatment activity, treatment provider, treatment date, treatment location, and payer information was compromised. On May 23, 2022, Allwell Behavioral Health Services sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Allwell Behavioral Health Services, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form, for a free case evaluation.
Below is a portion of the letter that Allwell Behavioral Health Services sent to individuals affected by the data breach:
Dear [Consumer],
I am writing to inform you of a data security incident that may have involved your personal information. At Allwell Behavioral Health Services (“Allwell”), we take the privacy and security of our patient’s information very seriously. This is why we are notifying you of the incident and informing you about steps you can take to help protect your personal information.
What Happened? On March 5, 2022, we discovered a data security incident. In response, we took steps to secure our computer systems and immediately began an investigation with the help of cybersecurity experts. The investigation team determined that on or about March 2, 2022, an outside party gained access to the computer system that we use to store quality assurance information related to the treatment of patients at Allwell. In late April 2022, the investigation concluded and it was determined that it appears likely the unauthorized party was able to take an undetermined number of files containing client information from the computer system. While at this time we have no evidence that any client information was misused, out of an abundance of caution we are providing credit protection to our client community.
What Information Was Involved? The information in the quality assurance system varied but potentially may have included things such as your name, date of birth, Social Security number, phone number, treatment activity, treatment provider, treatment date, treatment location, and payer information. We have no information that the information on the quality assurance system has been misused.
What Are We Doing? As soon as we discovered the incident, we took the steps described above. Additionally, we have upgraded our information technology and computer systems to provide additional security to protect against further unauthorized access. We also notified federal law enforcement authorities and the U.S. Department of Health and Human Services Office for Civil Rights.
In addition, we are offering identity theft protection services through IDX, a leading data breach and recovery services firm. IDX identity protection services include: [12 months/24 months] of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed ID theft recovery services. With this protection, IDX will help you resolve issues if your identity is compromised.
What You Can Do. We encourage you to contact IDX with any questions and to enroll in the free identity protection services by calling 1-833-909-0995 or going to https://response.idx.us/allwell and using the Enrollment Code provided above. IDX representatives are available Monday through Friday from 9 am – 9 pm Eastern Time. Please note the deadline to enroll is August 23, 2022.
Again, at this time, there is no evidence that your information has been misused. However, we encourage you to take full advantage of this service offering. IDX representatives have been fully informed of the incident and can answer any questions you may have regarding protection of your personal information.
For More Information. You will find detailed instructions for enrollment on the enclosed Recommended Steps document. Also, you will need to reference the enrollment code at the top of this letter when calling or enrolling online, so please do not discard this letter. Please call 1-833-909-0995 or go to https://response.idx.us/allwell for assistance or for any additional questions you may have.
The security of our clients’ personal information is of the utmost importance and we deeply regret that this data security incident occurred.
