Strauss Borrelli PLLC, a leading data breach law firm, is investigating General Physician, P.C. regarding its recent data breach. The General Physician data breach may have involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT GENERAL PHYSICIAN, P.C.:
General Physician is a medical group serving Western New York. Founded in 2010, General Physician is a collective of the region’s healthcare providers from many different areas of medicine, from general practitioners to highly skilled specialists.2 Today, General Physician has a variety of specialties, including primary care, cancer care, cardiology, cardiothoracic surgery, endocrinology, gastroenterology, general surgery, orthopedics, post-acute care, pulmonary services, thoracic surgery, urogynecology, and women’s health.2 Headquartered in Buffalo, New York, General Physician has over 40 locations in New York and employs over 500 individuals.
WHAT HAPPENED?
Recently, General Physician announced that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on June 12, 2024, General Physician became aware of suspicious activity relating to its email tenant.1 As a result, General Physician launched an investigation to determine the nature of the incident.
Through its investigation, on or about August 6, 2024, General Physician confirmed that sensitive personal information in its systems may have been compromised by an unauthorized third-party between April 6, 2024, and June 12, 2024. As a result, General Physician began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Date of birth
- Financial account information
- Medical information (e.g., medical record number, medical history information, mental and physical treatment information, diagnosis information, treating physician)
- Health insurance information (e.g., policy number, subscriber number, group/plan number)
On October 15, 2024, General Physician posted notice of the incident on its website. Additionally, General Physician plans to mail data breach notification letters to impacted individuals. Based on the website breach notice, General Physician is providing affected individuals with a list of the specific type of sensitive information impacted. A link to the form breach notification that General Physician posted to its website is below.
If you received a breach notification letter from General Physician, P.C.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
