Strauss Borrelli PLLC, a leading data breach law firm, is investigating Glens Falls Hospital regarding its recent data breach. Glens Falls Hospital data breach may have involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT GLENS FALLS HOSPITAL:
Glens Falls Hospital is a multi-facility hospital based in New York and is a member of the Albany Med Health System.2 Founded in 1897, Glens Falls Hospital provides an array of medical and surgical services, as well as coronary care, behavioral health care, rehabilitation, wellness, etc.3 Additionally, the main hospital campus of Glens Falls Hospital includes a centers for cancer treatment, birthing, breast treatment, and chronic wound treatment.2, 3 Up to November 2, 2024, Glens Falls Hospital used Oracle Health/Cerner as an electronic health record vendor.1 Headquartered in Glens Falls, New York, Glens Falls Hospital employs over 2,300 individuals, including a medical staff of over 550 providers, across 20 regional facilities.3
WHAT HAPPENED?
Recently, Glens Falls Hospital’s third party vendor, Oracle Health/Cerner, experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been compromised. According to the breach notice, Oracle Health/Cerner learned that an unauthorized third party gained access to Cerner electronic medical records.1 As a result, Glens Falls Hospital and Oracle Health/Cerner launched an investigation to determine the nature of the incident.
Through its investigation, Glens Falls Hospital and Oracle Health/Cerner confirmed that the sensitive personal information and protected health information in its systems may have been accessed by an unauthorized third party sometime after January 22, 2025.1 As a result, Glens Falls Hospital began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Patient medical records (e.g., medical record numbers, doctors, diagnoses, medicines, test results, images, care and treatment)
As a result of the breach, Glens Falls Hospital posted notice of the data breach on its website. Additionally, Glens Falls Hospital will begin mailing breach notification letters to impacted individuals. Based on the website breach notice, Glens Falls Hospital is providing affected individuals with a list of the specific types of sensitive information impacted and 24 months of complimentary credit monitoring services. 1 A link to the website breach notice is below.
If you received a breach notification letter from Glens Falls Hospital:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
