$100 Million awarded Since 1994 6,000 Satisfied Clients

Posted On November 23, 2022 Consumer Privacy & Data Breaches

Data Breach Alert: Doctors’ Center Hospital

NOTICE: If you received a NOTICE OF DATA BREACH letter from Doctors’ Center Hospital, contact the attorneys at Console & Associates at (866) 778-5500 to discuss your legal options, or submit a confidential Case Evaluation form here.

Data Breach AlertOn November 9, 2022, Doctors’ Center Hospital filed notice of a data breach with the U.S. Department of Health and Human Services, Office for Civil Rights, after an unauthorized party was able to access sensitive patient information that had been entrusted to the company. While Doctors’ Center Hospital has yet to post notice of the breach on its website explaining the incident, based on the company’s filing with the Office for Civil Rights, it would appear that the recent breach compromised patients’ protected health information. After confirming that consumer data was leaked, Doctors’ Center Hospital began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Doctors’ Center Hospital data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Doctors’ Center Hospital.

What We Know So Far About the Doctors’ Center Hospital Breach

The available information regarding the Doctors’ Center Hospital breach comes from the company’s filing with the U.S. Department of Health and Human Services, Office for Civil Rights. However, the HHS-OCR data breach portal only provides limited information about the incident. For example, the breach resulted from a “Hacking/IT incident” involving one of the company’s network servers. It is believed that the Doctors’ Center Hospital affected the personal information of 1,195,220 people.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Doctors’ Center Hospital began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information usually varies depending on the individual, it very likely includes your protected health information.

On November 9, 2022, Doctors’ Center Hospital sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Doctors’ Center Hospital

Founded in 1959, Doctors’ Center Hospital is a healthcare network based in Puerto Rico. Doctors’ Center Hospital initially opened with just 13 beds but has grown to be one of the largest health systems in Puerto Rico. The Doctors’ Center Hospital system has hospitals, emergency centers, clinics and specialty centers across Puerto Rico, including in San Juan, Bayamon, San Fernando de la Carolina and Manatí. Doctors’ Center Hospital generates approximately $69 million in annual revenue.

What the Doctors’ Center Hospital Breach Means for Patients

While Doctors’ Center Hospital hasn’t publicly discussed the recent breach in much detail, based on the fact that the company is a healthcare provider and that it filed notice of the breach with the Department of Health and Human Services Office for Civil Rights, it’s a fair assumption that the incident resulted in patients’ protected health information being compromised.

Doctors’ Center Hospital is far from the only healthcare provider to be targeted in a cyberattack. In fact, more than two million people have had their protected health information leaked in similar data breaches in 2022 alone. Given this reality, it is incredibly important victims of a healthcare data breach understand what is at risk and what their options are.

The first step is to understand what is meant by “protected health information.” Protected health information, sometimes referred to as “PHI,” is demographic information, medical history information, test and laboratory results, mental health information, insurance information and other data collected by healthcare professionals during the course of treating a patient.

However, not all healthcare-related data is protected health information. The collection and use of PHI are governed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). In order for health information to be considered “protected,” it must contain at least one identifier. An identifier is another piece of information that someone can use to connect the data to a specific patient. Under HIPAA, there are 18 different identifiers, including:

  • Name;
  • Address (anything smaller than a state);
  • Social security number;
  • Dates (more specific than just a year) related to an individual, such as a patient’s birthdate, admission date, etc.;
  • Email address;
  • Phone number;
  • Fax number;
  • Medical record number;
  • Health plan beneficiary number;
  • Account number;
  • Certificate or license number;
  • Vehicle identifiers, such as serial numbers and license plate numbers;
  • Device identifiers and serial numbers;
  • Web URL;
  • Internet protocol (IP) address;
  • Biometric IDs, such as a fingerprint or voice print;
  • Full-face photographs and other photos of identifying characteristics; and
  • Any other unique identifying characteristic.

Given that your healthcare is a very personal matter, any healthcare data breach is very concerning. However, aside from the privacy risks, there is also the possibility that patients suffer financial—and even physical—harm in the wake of an attack.

For example, hackers who obtain protected health information often attempt to sell the information to someone who then takes the information to the doctor, pretending to be the victim. This not only leaves the victim responsible for the bill but can also lead to misleading and incorrect information being added to their medical records. However, there are steps you can take to reduce the chances of falling victim to healthcare identity theft, as well as to hold the company that leaked your information financially accountable.

If You Have Questions About Your Rights Following the Doctors’ Center Hospital Data Breach, Console & Associates, P.C. Can Help

At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the Doctors’ Center Hospital data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.

To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.

NOTICE: If you received a NOTICE OF DATA BREACH letter from Doctors’ Center Hospital, contact the attorneys at Console & Associates at (866) 778-5500 to discuss your legal options, or submit a confidential Case Evaluation form here.