Strauss Borrelli PLLC, a leading data breach law firm, is investigating Gryphon Healthcare LLC, regarding its recent data breach. The Gryphon Healthcare data breach may have involved sensitive personal identifiable information and protected health information belonging to over 390,000 individuals.
ABOUT GRYPHON HEALTHCARE, LLC:
Gryphon Healthcare is a clinician owned and operated revenue cycle and management company based in Texas. Founded in 2018, Gryphon Healthcare provides a variety of services to healthcare organizations, including revenue cycle management, coding and compliance, and consulting services. Today, Gryphon Healthcare offers these services to hospitals, emergency departments and physicians, ambulatory surgery centers, imaging centers, independent labs, healthcare facilities, large physician groups, and private practices.4 Headquartered in Houston, Texas, Gryphon Healthcare employs over 50 individuals.
WHAT HAPPENED?
Recently, Gryphon Healthcare announced that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on August 13, 2024, Gryphon Healthcare became aware of a data security incident involving a partner that Gryphon Healthcare provides medical billing services for, which resulted in unauthorized access to personal information maintained by Gryphon.1 As a result, Gryphon Healthcare launched an investigation to determine the nature of the incident.
Gryphon Healthcare later determined that sensitive personal information in its systems belonging to patients for whom Gryphon Healthcare provides medical billing services may have been compromised by an unauthorized individual.1 As a result, Gryphon Healthcare began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On September 3, 2024, Gryphon Healthcare completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Address
- Medical information (e.g., dates of service, diagnosis information, medical treatment information, prescription information, provider information, medical record number)
- Health insurance information
As a result of the data breach, Gryphon Healthcare posted notice of the incident on its website. Additionally, on October 11, 2024, Gryphon Healthcare mailed data breach notification letters to impacted individuals. Based on the breach notice posted to its website, Gryphon Healthcare is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification that Gryphon Healthcare posted to its website is below.
If you received a breach notification letter from Gryphon Healthcare, LLC:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
