On March 22, 2023, US Wellness filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after learning that a data security incident at one of the company’s vendors compromised certain customers’ protected health information. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses, dates of birth, member ID numbers, and other protected health information. After confirming that consumer data was leaked, US Wellness began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification from US Wellness, it is essential you understand what is at risk and what you can do about it. As we’ve discussed in previous posts on similar topics, healthcare-related data breaches are not only increasingly common but also put victims at a significantly increased risk of identity theft. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the US Wellness data breach, reach out to an experienced data breach lawyer.
What We Know So Far About the US Wellness Breach
News of the US Wellness is still fresh; however, what we know at this point comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights, as well as a press release issued by the company. According to this source, on January 31, 2023, US Wellness was informed about a data security incident that had occurred at one of the company’s vendors. Evidently, this vendor had access to patient information due to the services the company provided for US Wellness.
In response, US Wellness launched an investigation into the incident in hopes of learning what, if any, patient data was affected. On February 9, 2023, US Wellness learned that an unauthorized party had gained access to certain personal and protected health information belonging to certain patients.
Upon discovering that sensitive patient data was made available to an unauthorized party, US Wellness began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, date of birth, member ID number, and other protected health information.
On March 22, 2023, US Wellness sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About US Wellness
US Wellness is a healthcare services organization based in Germantown, Maryland. The company works with employers to increase employees’ health by offering a range of programs. For example, US Wellness helps employers address gaps in care, organizes biometric/biomarker screenings and vaccinations, develops post-COVID well-being solutions and offers health staffing & coaching. US Wellness employs more than 48 people and generates approximately $17 million in annual revenue.