On January 4, 2024, ConsensioHealth filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that portions of its computer network were encrypted as a result of a cyberattack. In this notice, ConsensioHealth explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, addresses, dates of birth, driver’s license numbers, and medical information. Upon completing its investigation, ConsensioHealth began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from ConsensioHealth, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the ConsensioHealth data breach. For more information, please see our recent piece on the topic here.

What Caused the ConsensioHealth Data Breach?

The ConsensioHealth data breach was only recently announced, and more information is expected in the near future. However, ConsensioHealth’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. ConsensioHealth also posted a website notice discussing the incident.

According to these sources, on July 3, 2023, ConsensioHealth detected a cybersecurity incident affecting its computer network when portions of the ConsensioHealth network were encrypted. In response, ConsensioHealth secured its network, notified law enforcement, and then launched an investigation with the help of outside cybersecurity specialists.

The ConsensioHealth investigation ultimately confirmed that the unauthorized party removed a number of files and folders containing confidential patient information from its network. The affected healthcare providers listed in the ConsensioHealth data breach letter include:

• Emergency Medicine Specialists, S.C.
• Ascension Wisconsin
• Wisconsin Urgent Care
• Kenosha Urgicare

After learning that sensitive consumer data was accessible to an unauthorized party, ConsensioHealth reviewed the compromised files to determine what information was leaked and which consumers were impacted. ConsensioHealth completed this process on December 7, 2023. While the breached information varies depending on the individual, it may include your name, address, date of birth, driver’s license, Social Security number, account access credentials, health insurance information, medical treatment and diagnosis information, medical treatment cost information, patient account number, Medicare or Medicaid number, healthcare provider information, and prescription information.

On January 4, 2024, ConsensioHealth sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About ConsensioHealth

ConsensioHealth is a business services company based out of Wauwatosa, Wisconsin. ConsensioHealth created a group of services designed to help healthcare providers run the business side of their practice, including back-office support, practice management advice and more. ConsensioHealth employs more than 30 people and generates approximately $6 million in annual revenue.