Posted On October 25, 2022 Consumer Privacy & Data Breaches
On October 7, 2022, Urology of Greater Atlanta, LLC (“UGATL”) filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after the company experienced a data security incident affecting approximately 79,795 individuals. While the company has not yet disclosed the specific type of information that was subject to unauthorized access, based on federal data breach reporting requirements, it likely included patients’ names, protected health information, and possibly their Social Security numbers. After confirming that consumer data was leaked, UGATL began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the UGATL data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Urology of Greater Atlanta, LLC.
The available information regarding the Urology of Greater Atlanta breach comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights. Because the company has not publicly disclosed the specific type of information that was subject to unauthorized access and has not yet posted notice of the breach on its website, the nature of the leaked data cannot be confirmed. However, based on the HHS data breach reporting requirements, companies only need to report a breach if it impacts patients’ protected health information.
The Department of Health and Human Services Office for Civil Rights notice indicates that the UGATL breach was related to a “Hacking / IT incident” occurring on one of the company’s network servers.
On October 7, 2022, Urology of Greater Atlanta sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Urology of Greater Atlanta, LLC is a healthcare provider located in Stockbridge, Georgia. The practice group consists of nine urologists who specialize in urologic oncology, kidney stones, female urology, and male infertility. Urology of Greater Atlanta maintains five locations in the greater Atlanta area, including in Blue Ridge, Jonesboro, Atlanta, Griffin, and Stockbridge. Urology of Greater Atlanta employs more than 51 people and generates approximately $16 million in annual revenue.
Yes, depending on the circumstances, a company that experiences a data breach may be liable to consumers whose information was leaked. United States data breach and consumer protection laws require medical professionals and practice groups to protect the patient information in their possession. However, even when a provider takes significant efforts—and especially when they do not—data breaches still happen. In some cases, healthcare providers that experience an otherwise preventable data breach may be liable for consumers’ losses related.
However, just because a medical provider gets hacked and sensitive patient information ends up in the hands of cybercriminals doesn’t mean that the company is financially liable. Ultimately, data breach liability comes down to whether a company was negligent leading up to the breach.
The framework of a data breach negligence analysis requires a victim to prove the following:
When it comes to storing consumer data, there are several ways that a medical office might be negligent. However, most data breaches involving a healthcare provider’s negligence are caused either by a practice failing to employ an adequate data security system or failing to train employees on how to safely care for consumer data. For example, providers should implement phishing training courses for employees to help them recognize fraudulent emails that may appear to be legitimate. Similarly, organizations should continually assess their data security systems to ensure they are up-to-date and protect against the most recent trends in cyberattacks.
Healthcare providers that fail to take their data security obligations seriously increase the chances of a data breach. Data breach victims who want to learn more about their rights and whether they may be able to bring a data breach class action lawsuit should reach out to a data breach attorney for assistance.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the UGATL data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.