Posted On November 24, 2022 Consumer Privacy & Data Breaches
On November 14, 2022, Health Care Management Solutions, LLC (“HMS”) filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”) after the company learned that an unauthorized party was able to access sensitive patient information stored on its computer network. While the HHS-OCR Data Breach Portal does not provide the specific type of data that was compromised, the fact that the breach is posted on the HHS-OCR portal almost certainly means that the breach impacted consumers’ protected health information. After confirming that consumer data was leaked, HMS began sending out data breach notification letters to the 500,000 individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the HMS data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Health Care Management Solutions, LLC.
The available information regarding the Health Care Management Solutions breach comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights. However, the information provided on the HHS-OCR website is minimal, only describing that the incident was the result of a “Hacking / IT Incident” occurring on the company’s computer network. However, the HHS-OCR portal notes that the incident is expected to have impacted 500,000 people.
While it cannot be confirmed at this point, the Health Care Management Solutions very likely resulted in patients’ protected health information being compromised. This is because the HHS-OCR only requires companies to report a breach if the protected health information of more than 500 people is impacted.
On November 14, 2022, Health Care Management Solutions sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Health Care Management Solutions, LLC is a healthcare services and consulting company based in Fairmont, West Virginia. The company focused on improving the quality of care provided to vulnerable populations and veterans by ensuring that providers remain in compliance with state and federal guidelines. Health Care Management Solutions employs more than 130 people and generates approximately $19 million in annual revenue.
In 2021, there were more than 320 million data breach victims, the largest number of breaches in recorded history. And the problem doesn’t appear to be getting much better. So far, the preliminary 2022 figures suggest only a modest decrease in the total number of cyberattacks. Given the frequency with which these breaches occur and the life-interrupting harms that can follow in their wake, it is important that you know what to do if your information is leaked in a data breach.
The goal of most hackers when carrying out a data breach is to use the stolen information to commit identity theft or sell the information to another criminal on the dark web. Of course, there is nothing you can do to prevent a data breach; however, there are steps you can take after learning your information was compromised to reduce the chances of falling victim to fraud.
Below is a list of steps to take after a data breach to reduce the risk of fraud. Importantly, this is not an exhaustive list, and you may consider taking additional steps if a breach involves highly sensitive information such as your financial account numbers or Social Security number.
After a data breach, companies are required to notify victims. Usually this is done by sending all victims a data breach letter that explains the incident, what led up to it, what the company has done to prevent future breaches, and whether the company has received any reports of fraud from other victims. The first thing to do after receiving a data breach letter is to carefully review the document to determine whether your information was leaked and, if so, what data was compromised.
Hackers often use stolen information quickly to avoid giving victims time to close their accounts or otherwise limit hackers’ access to their credit. However, hackers might need to obtain other information before having enough data to commit fraud against a victim. In these cases, it may not be until weeks or months after a breach that hackers can use the stolen information. Therefore, it is imperative that you not only immediately check up on your accounts but also that you frequently check on them for the months after the breach.
Credit monitoring is a service that alerts you to suspicious activity on your credit profile, such as if there are an abnormal amount of inquiries. On average, credit monitoring costs about $20 to $40 per month. However, companies typically offer victims of a data breach free credit monitoring for a period of time—usually between one to two years. Signing up for credit monitoring is free and provides you with an easy way to keep an eye on your credit profile. Also, taking a company up on its offer of free credit monitoring doesn’t affect your right to bring a data breach lawsuit against the company if it was negligent in maintaining your information.
Fraud alerts and credit freezes are free services offered by the major credit bureaus. A fraud alert puts companies that pull your credit on notice that there is reason to believe that someone may be fraudulently using your information. A credit freeze offers additional protection by preventing any company from pulling your credit without your advance approval. The Identity Theft Resource Center has repeatedly explained that placing a credit freeze on your credit account is the single best way to prevent fraud after a data breach.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the HMS data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.