Strauss Borrelli PLLC, a leading data breach law firm, is investigating The Physical Medicine & Rehabilitation Center (“PM&R Center”) regarding its recent data breach. The PM&R Center data breach may have involved sensitive personal identifiable information and protected health information belonging to over 4,000 individuals.
ABOUT THE PHYSICAL MEDICINE & REHABILITATION CENTER:
The PM&R Center is a healthcare service provider based in New Jersey. Founded in 1986, the PM&R Center offers care for patients with sports, spine, orthopedic and neuromuscular conditions.2 Accordingly, the PM&R Center is a diagnostic and treatment facility, with an emphasis on non-operative treatment including physical therapy, occupational therapy, patient education, and body mechanics.2 Today, the PM&R Center has grown to include multidisciplinary outpatient facilities with a staff of physiatrists (doctors of physical medicine and rehabilitation), physical therapists, occupational therapists, massage therapists, fitness specialists, and sport psychology specialists.2 Headquartered in Englewood, New Jersey, the PM&R Center has four additional locations across New Jersey and New York and employs over 50 individuals.
WHAT HAPPENED?
Recently, PM&R Center announced that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on July 8, 2024, PM&R Center became aware of unusual activity within its computer network. As a result, PM&R Center launched an investigation to determine the nature of the incident.
Through its investigation, PM&R Center learned that sensitive personal information in its systems may have been compromised by an unauthorized third-party between July 8 and July 9, 2024. As a result, PM&R Center began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Date of birth
- Contact information (e.g., phone number, email address)
- Driver’s license and/or state identification number
- Credit or debit card number
- Medical information (e.g., treatment/diagnosis information, prescription information, provider name, medical record number, dates of service, patient ID)
- Health insurance information (e.g., treatment cost information, health insurance policy number, health insurance claim number)
- Medicare/Medicaid number
On September 6, 2024, PM&R Center posted a notice of the incident on its website. Based on the breach notice on its website, PM&R Center is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary identity monitoring services. A link to the form breach notification that PM&R Center posted to its website is below.
If you received a breach notification letter from The Physical Medicine & Rehabilitation Center:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
