close
close
PointClickCare Data Breach Affects Residents at Multiple Long-Term Care Facilities | Console and partner, PC

On November 25, 2024, two long-term care facilities that rely on the services provided by PointClickCare filed data breach reports after discovering that the PointClickCare incident resulted in patient data being compromised. In recently released website notices, the affected entities, Citadel of Northbrook and Pavilion of Bridgeview, say the incident resulted in an unauthorized party gaining access to consumers’ confidential information, including names, dates of birth, Social Security numbers and Medicare/Medicaid identification numbers , medical information and health insurance information. After the investigation was completed, affected entities began sending data breach notification letters to all individuals whose data was affected by the recent data security incident.

If you have received a data breach notification from PointClickCare, Citadel of Northbrook, Pavilion of Bridgeview, or any other entity affected by the PointClickCare data breach, it is important that you understand what is at risk and what you can do about it . A data breach attorney can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft and discuss your legal options following the PointClickCare data breach. For more information, see our recent article on this topic Here.

What Caused the PointClickCare Data Breach?

The data breach at PointClickCare was recently disclosed and more information is expected in the near future. And although PointClickCare does not appear to have officially reported the breach, two long-term care facilities affected by the incident have posted notices on the website discussing the incident.

According to website notices posted on the Citadel of Northbrook and Pavilion of Bridgeview websites, on July 20, 2024, PointClickCare discovered unusual activity within its EHR platform. In response, PointClickCare launched an investigation to learn more about the incident.

Through this investigation, PointClickCare confirmed that an unauthorized actor used certain compromised credentials to access, view, and acquire patient information stored on the EHR platform.

After learning that sensitive patient data was accessible to unauthorized parties, PointClickCare reviewed the compromised files to determine what information was leaked and which consumers were affected. While the breached information varies from person to person, it may include your name, date of birth, Social Security number, Medicare/Medicaid identification number, medical information, and health insurance information.

On November 25, 2024, Citadel of Northbrook and Pavilion of Bridgeview sent data breach letters to everyone affected by the recent data security incident. These letters should provide victims with a list of information belonging to them that was compromised. Notably, both Citadel of Northbrook and Pavilion of Bridgeview are owned by Omnia Healthcare Group.

More information about PointClickCare

PointClickCare is a healthcare software company based in Ontario, Canada. PointClickCare provides third-party management services to skilled nursing facilities, senior living facilities, hospitals, health plans and others. PointClickCare employs more than 2,000 people and generates annual sales of approximately $420 million.

Leave a Reply

Your email address will not be published. Required fields are marked *