Strauss Borrelli PLLC, a leading data breach law firm, is investigating Asheville Arthritis and Osteoporosis Center, P.A. (“Asheville Arthritis”), regarding its recent data breach. The Asheville Arthritis data breach may have involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT ASHEVILLE ARTHRITIS AND OSTEOPOROSIS CENTER, P.A.:
Asheville Arthritis is a full-service rheumatology practice based in North Carolina. Today, Asheville Arthritis cares for adults and children with arthritis, osteoporosis, and systemic autoimmune diseases.3 To treat these conditions, Asheville Arthritis provides a variety of healthcare services, including laboratory CLIA, immunologic evaluations, digital x-ray and ultrasound evaluations, bone density testing, and in-house infusions.3 Headquartered in Asheville, North Carolina, Asheville Arthritis employs over 10 individuals.
WHAT HAPPENED?
Recently, Asheville Arthritis announced that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on or around May 22, 2024, Asheville Arthritis became aware that it was the target of a cybersecurity incident. As a result, Asheville Arthritis launched an investigation to determine the nature of the incident.
Through its investigation, Asheville Arthritis learned that sensitive personal information in its systems may have been compromised by an unauthorized third-party. As a result, Asheville Arthritis began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Date of birth
- Telephone number
- Medical information (e.g., medical notes, lab results, diagnosis)
- Health insurance information
As a result of the data breach, Asheville Arthritis posted notice of the incident on its website. Additionally, on September 20, 2024, Asheville Arthritis began mailing data breach notification letters to impacted individuals. Based on the website breach notice, Asheville Arthritis is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary identity monitoring services. A link to the form breach notification that Asheville Arthritis posted to its website is below.
If you received a breach notification letter from Asheville Arthritis and Osteoporosis Center, P.A.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
