Posted On February 10, 2023 Consumer Privacy & Data Breaches
February 10, 2023 – DotHouse Health Inc. filed notice of a data breach on January 27, 2023 with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”) after discovering that an unauthorized individual had managed to obtain access to private information saved on the company’s computer network. According to the filing, the breach allowed the third party to gain access to people’s complete names, dates of birth, addresses, diagnosis information, claims information, medical record numbers, and other treatment information. Upon discovering the leak, DotHouse started sending out notifying letters to the 10,000 patients affected by the incident.
The data breach lawyers at Console & Associates, P.C. are actively investigating the DotHouse data breach. If you have received a breach notification letter and are interested in learning about what you can do to protect yourself, we are offering free consultations where we can discuss your legal options for receiving compensation from DotHouse Health, Inc.
DotHouse Health Inc. is a federally qualified healthcare facility that provides services such as family care, adult care, women’s health, and pediatrics. Additionally, the facility has an in-house dental clinic, mental health clinic, and eye clinic. Based in Dorchester, Massachusetts, DotHouse has a partnership with Boston Medical Center, employs more than 314 personnel, and has an annual revenue of about $20 million.
The available data on the DotHouse Health breach is sourced from the organization’s filing with the U.S. Department of Health and Human Services Office for Civil Rights as well as an announcement placed on the company’s website. After detecting suspicious activity in the company computer system in late November 2022, DotHouse took the necessary precautions and started an investigation into the incident to figure out if any patient data was exposed.
DotHouse’s investigation into the incident revealed that an individual not authorized to use the system had infiltrated it between October 31, 2022 and November 27, 2022. Subsequent investigation revealed that some of the documents accessible to the intruder included confidential patient data.
Though varying by individual, information that has been leaked includes consumers’ complete names, dates of birth, addresses, diagnosis information, claims information, medical record numbers, and other treatment information.
On January 27, 2023, DotHouse Health distributed data breach notification letters to all people whose confidential information was revealed due to the safety episode. Per the HHS-OCR, the data breach impacted approximately 10,000 individuals.
Hackers illegally entered DotHouse’s computer system, resulting in a leak of information. As a consumer who has relied on DotHouse Health to protect your information, there was nothing you could have done to stop the attack. The onus falls to the company to protect you and be the first and last line of defense against any data theft or fraud.
An investigation is being conducted to determine if any negligence occurred from DotHouse Health concerning the breach. Possible areas of negligence could include the failure to train staff to recognize and report phishing attempts or having up-to-date cybersecurity. If any evidence of such negligence comes to light, you may be eligible for financial compensation from the organization.
If you have received a notification of the attack, it is essential that you understand your rights as a victim.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the DotHouse Health Inc. data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a portion of the notice posted to their website:
DotHouse Health Inc. (“DotHouse”) is issuing notice of a recent data security event that may impact the confidentiality of information related to certain patients. We are providing information about the event, our response, and steps potentially affected individuals may take to better protect against the possibility of identity theft and fraud, should they feel it is appropriate to do so.
What Happened? In late November 2022, DotHouse identified suspicious activity on a limited portion of its network. DotHouse promptly undertook an extensive investigation to determine the nature and scope of the activity. On or around January 12, 2023, the investigation determined that systems containing information related to certain patients were accessed and likely downloaded by an unknown individual between October 31, 2022 and November 27, 2022.
DotHouse is conducting a comprehensive review of the affected systems, with the assistance of third-party data review specialists, to determine what information was contained within the systems at the time of the event and to whom the information related. Once this comprehensive review is complete, DotHouse will work to determine the identities and contact information for any potentially affected individuals and provide appropriate notification via written letter.
What Information Was Affected. The types of information that may have been present in the impacted systems during the event varies by individual and could have included: full name, address, date of birth, medical record number, diagnosis/conditions, medications, other treatment information, and claims information.
What We Are Doing. DotHouse takes this event and information security very seriously. Upon learning of this event, we immediately began an investigation and undertook remediation actions. As part of our ongoing commitment to information security, we are enhancing our existing policies and procedures and implementing additional administrative and technical safeguards to further secure the information in our care. DotHouse also reported the event to appropriate governmental agencies, including federal law enforcement and the U.S. Department of Health and Human Services.
What Affected Individuals Can Do. As a precautionary measure, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements, credit reports, and explanations of benefits for unusual activity and to detect errors. Any suspicious activity should be promptly reported to your health care provider, insurance company, or financial institution. Additional information can be found below in the Steps You Can Take to Help Protect Your Information.
For More Information. If you have additional questions, please call our toll-free assistance line at (877) 653-6846, Monday through Friday, during the hours of 9:00 a.m. to 5:00 p.m., Eastern time (excluding U.S. holidays). You may also write to DotHouse at 1353 Dorchester Avenue, Dorchester, MA 02122.