Data Breach Investigation of Orthopedic Institute of Western Kentucky Patient Information

Migliaccio & Rathod LLP is currently investigating the Orthopedic Institute of Western Kentucky (a subsidiary of Southern Orthopedic Associates) for failing to safeguard sensitive patient information in a data breach that occurred in July of 2021. The data breach was caused by unauthorized access to an employee’s email account that allowed an unauthorized actor to access the personal information of past and present orthopedic patients in Kentucky and other states. Examples of the types of data exposed in the leak include names, dates of birth, addresses, social security numbers, medical records, lab results, diagnoses, medications, health insurance information, and dates of services.

Unauthorized access to sensitive patient information is commonly used by cybercriminals to commit a number of identity theft crimes. For example, in previous data breaches, patients have had to spend hours monitoring their personal accounts for fraud or pay out of pocket for identity monitoring services. Individuals may have noticed suspicious credit card purchases, unauthorized banking activity in their name, medical procedures ordered without their permission, or disruptions in medical service.

Are you or have you been an Orthopedic Institute of Western Kentucky patient who has received a data breach notification letter in the past year?

If so, we would like to hear from you. Please complete the questionnaire below, send us an email at [email protected], or give us a call at (202) 470-3520.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches. More information about our current cases and investigations is available on our blog.