Posted On January 28, 2023 Consumer Privacy & Data Breaches
January 28, 2023 – mscripts, LLC filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights on January 17, 2023 after an unauthorized party gained access to consumer information. Per the filing, confidential consumer information, including protected health information, was leaked. Mscripts confirmed the leak and began sending out notification letters to 66,372 individuals affected by the data breach.
At Console & Associates, P.C., data breach lawyers are actively investigating the breach at mscripts. If you have received a letter from mscripts, your information may now be in the hands of those wishing to do you harm in the form of fraud or identity theft. To learn more about what you can do to protect yourself now and whether you may be able to pursue a data breach lawsuit against mscripts, we are offering free consultations. If you recently received a NOTICE OF DATA BREACH from COMPANY, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Mscripts, LLC is a software company that provides services such as an app that allows patients to easily keep track of their prescriptions with real-time updates and the ability to refill right from the app. Mscripts is owned by Cardinal Health, which is a healthcare service and product company. While Cardinal Health is based in Dublin, Ohio, and employs over 46,000 people and generates approximately $176 billion in revenue annually, mcscripts is based in San Francisco, California, and employs over 73 people and generates approximately $15 million in revenue annually.
According to the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”), mscripts discovered that there was an incident involving unauthorized access. Neither mscripts nor Cardinal Health has posted notices on their websites, so information is limited at this time. We can assume, however, that protected health information has been leaked because of the filing with the HHS-OCR. All breaches that involve protected health information must be filed with the HHS-OCR.
Some examples of protected health information that may have been exposed are medical history information, mental health information, insurance information, demographic information, diagnosis information, and other data that may have been disclosed by a patient to a healthcare provider.
On January 17, 2023, mscripts sent notification letters to all individuals affected by the data breach. Though still not publicly confirmed by mscripts, according to the HHS-OCR website, 66,372 individuals have been affected.
Though, at first glance, it doesn’t seem like much damage can even be done with your health information, protected health information includes quite a bit of sensitive information about a patient.
The Health Insurance Portability and Accountability Act of 1996, or HIPAA, has defined protected health information (PHI) by 18 identifiers. These identifiers include: Only specific health information is considered protected by the Health Insurance Portability and Accountability Act of 1996, also known as HIPAA. HIPAA identifies and controls all protected health information (PHI). According to its “Privacy Rule,” PHI is:
With this information, criminals can commit medical identity theft. That means that anyone possessing your information, including hackers or a criminal who bought your information off the dark web, can use it to seek free health care. As a result of that, there might be dangerous misinformation in your medical record, like incorrect medical history, diagnoses that don’t belong to you, and prescription history that doesn’t match up with your medical history. You can also be left with a hefty medical bill for treatment you didn’t receive. These things can affect the type of care you receive the next time you seek medical care.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the mscripts, LLC data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.