FAQ
HealthEC Data Breach
HealthEC is a New Jersey-based software developer that provides a platform which healthcare organizations can use to identify high-risk patients and ensure continuity of care. HealthEC was the target of hackers who accessed patient information between July 14, 2023 and July 23, 2023.
After discovery, review of stolen data was completed and HealthEC began notifying its clients in October 2023. The breach was not reported to government agencies including the U.S. Department of Health and Human Services Office of Civil Rights or state authorities until December 2023.
Some affected individuals may have been informed of the data breach, however many more may not have known or continue to be unaware of the risks. People whose data was compromised by the HealthEC data breach may be eligible for compensation.
Personal, Medical, and Financial Data May Have Been Stolen
HealthEC has confirmed that not only were their systems and data accessed by unauthorized individuals, that files had been copied or removed from their systems.
Data accessed or stolen may have included:
- Names
- Addresses
- Birth dates
- Phone numbers or email addresses
- Social security numbers
- Drivers License or other government ID numbers
- Financial information (credit cards and bank account)
- Medical information
- Parent/guardian/guarantor dentification and information
- Other personal information
The data breach may have affected nearly 4.5 million patient records. Because many of these records may include information about parents, caregivers and other responsible parties, the data breach may affect more than just the patients whose records were accessed.
Multiple Agencies and Organizations Affected by the HealthEC Data Breach
HealthEC is used by over 1 million health professionals in 18 states. An estimated 4.5 million patients of multiple, large health organizations, facilities, and agencies may have been affected by the July 2023 HealthEC data breach.
Some of the organizations whose patients’ data may have been stolen include:
- Alliance for Integrated Care of New York, LLC
- Advantage Care Diagnostic & Treatment Center, Inc.
- Beaumont ACO
- Community Health Care Systems
- Compassion Health Care
- Corewell Health
- East Georgia Healthcare Center
- HonorHealth
- Hudson Valley Regional Community Health Centers
- Illinois Health Practice Alliance, LLC
- KidneyLink
- Long Island Select Healthcare
- Metro Community Health Centers
- Mid Florida Hematology & Oncology Centers, P.A, d/b/a Mid-Florida Cancer Centers
- TennCare
- State of Tennessee
- University Medical Center of Princeton Physicians’ Organization
- Upstate Family Health Center, Inc.
- U.S. Renal Care Inc.
HealthEC may already be facing multiple lawsuits for damages caused by potential data breach.
HealthEC Data Breach Claims
HealthEC along with their clients, had the duty to keep patient information safe and secure but failed in that duty and may have placed millions of patients’ data at risk. Many of these patients or their caregivers may be considering lawsuits against HealthEC.
HealthEC data breach lawsuits may claim that the company failed to properly safeguard consumers’ information which allowed hackers to access its systems and copy or steal certain files. In addition, HealthEC had a duty to warn clients of the data breach in a timely manner but waited several months to do so. This may have prevented clients and their patients from taking proper action to safeguard themselves.
Impending data breach lawsuits may claim that HealthEC failed to:
- Construct and maintain appropriate data security systems to prevent intrusion, data breach and cyberattack
- Ensure that confidentiality, privacy, and integrity of electronic protected health information remained safe, private and secure
- Promptly notify clients to enable them to notify their patients
- Promptly notify government authorities of the data breach as required by law
Data Breach Lawsuit Compensation
Patients and those who care for them whose data may have been accessed or stolen during the HealthEC data breach may have been exposed to financial losses due to identity theft, fraud or other financial issues and may be required to spend time or costly resources to recover losses. If successful, data breach lawsuits may help provide compensation for those losses.
Data breach class actions often seek to recover costs including:
- Compensation for losses suffered caused by identity theft and fraud
- Reimbursement of credit monitoring fees, reporting fees and costs of credit freezes
- Financial compensation for lost personal or work time spent responding to problems caused by the breach
- Free credit monitoring
- Free identity theft insurance
People whose data may have been accessed or stolen during the HealthEC data breach which occurred in July of 2023 may be eligible for compensation.