Strauss Borrelli PLLC, a leading data breach law firm, is investigating Radiologic Medical Services, P.C. (“RMS”) regarding its recent data breach. The Radiologic Medical Services data breach may have involved sensitive personal information and protected health information belonging to over 56,000 individuals.
ABOUT RADIOLOGICAL MEDICAL SERVICES, P.C.:
Radiologic Medical Services is a private corporation of six board-certified radiologists in Iowa that offer a broad spectrum of modalities and specializations.2 The parent company of Muscatine Radiology and Corridor Radiology, Radiologic Medical Services has two imaging centers that provide diagnostic interpretations and therapeutic intervention services for imaging patients and referring physicians in Iowa and surrounding states.2 Founded in 1971, Radiologic Medical Services is headquartered in Coralville, Iowa, and employs over 10 individuals.
WHAT HAPPENED?
Recently, Radiologic Medical Services announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on February 26, 2024, Radiologic Medical Services became aware of suspicious activity related to an employee email account.1 As a result, Radiologic Medical Services launched an investigation to determine the nature of the incident.
Through its investigation, Radiologic Medical Services discovered that sensitive personal information in its systems may have been compromised by an unauthorized third party through two employee email accounts between February 22, 2024, and March 19, 2024. As a result, Radiologic Medical Services began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On September 13, 2024, Radiologic Medical Services completed this review. The exact type of personal information potentially exposed has not been made publicly available by Radiologic Medical Services. However, on November 12, 2024, Radiologic Medical Services filed official notice of the data breach with the U.S. Department of Health and Human Services’ Office for Civil Rights, whose guidelines require entities to report data breaches when they involve protected health information. Additionally, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license number or other unique identification number created or collected by a government body
- Financial account number, credit card number, or debit card number in combination with any required expiration date, security code, access code, or password that would permit access to an individual’s financial account
- Unique electronic identifier or routing code, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
- Unique biometric data, such as a fingerprint, retina or iris image, or other unique physical representation or digital representation of biometric data
On November 12, 2024, Radiologic Medical Services posted a notice of the incident on its website. Additionally, Radiologic Medical Services began mailing notices to affected individuals. Based on the website breach notice, Radiologic Medical Services is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification that Radiologic Medical Services posted to its website is below.
If you received a breach notification letter from Radiological Medical Services, P.C.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.