Strauss Borrelli PLLC, a leading data breach law firm, is investigating Citadel of Northbrook regarding its recent data breach. The Citadel of Northbrook data breach may have involved sensitive personal information belonging to an undetermined number of individuals.
ABOUT CITADEL OF NORTHBROOK:
Citadel of Northbrook is a rehabilitation center in Northbrook, Illinois, and a part of Citadel Healthcare, which is a collection of skilled nursing and rehabilitation centers in Illinois. Founded in 2015, Citadel Healthcare offers therapy for patients, including stroke, cardiac, orthopedic, and pulmonary rehabilitation, as well as skilled nursing, dialysis, medication management, and other patient-specific care.3 Additionally, Citadel Healthcare offers memory support care, behavior and psycho-social aspects, hospice and palliative care, and respite stays.4 Headquartered in Skokie, Illinois, Citadel Healthcare employs over 1,000 individuals. While it specializes in pulmonary rehabilitation after a stroke, Citadel of Northbrook also offers skilled nursing and rehabilitation services similar to other Citadel Healthcare locations.5
WHAT HAPPENED?
Recently, Citadel of Northbrook reported to the Attorney General of New Hampshire that its electronic health record (EHR) platform provider, PointClickCare, had experienced a data breach in which sensitive personal identifiable information belonging to Citadel of Northbrook patients may have been accessed. According to the breach notice, on September 26, 2024, Citadel of Northbrook was notified by PointClickCare of a data security incident that PointClickCare discovered on July 20, 2024.1
Through its investigation, PointClickCare determined that an unauthorized third party used compromised credentials to access and acquire patient information in the EHR platform, including information pertaining to Citadel of Northbrook patients. As a result, Citadel of Northbrook began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Medicare/Medicaid identification numbers
- Medical information (treatment and diagnosis information, admission dates, discharge dates, prescription information)
- Health insurance policy numbers
On November 25, 2024, Citadel of Northbrook began mailing data breach notification letters to impacted individuals and posted notice on its website. Based on the breach notice sent to New Hampshire residents, Citadel of Northbrook is providing affected individuals with a list of the specific types of sensitive information impacted and complementary credit monitoring services. A link to the form breach notification letters that Citadel of Northbrook filed with the Attorney General of New Hampshire is below.
If you received a breach notification letter from Citadel of Northbrook:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
