Perry Johnson & Associates (“PJ&A”), a major medical billing and documentation company, has recently reported a significant data breach. The company filed a notice of data breach with the California Attorney General on November 3, 2023. The incident reportedly involved unauthorized access of files stored on the company’s computer network.
According to PJ&A’s notice, the breach resulted in an unauthorized party gaining access to sensitive consumer data. This includes names, Social Security numbers, dates of birth, addresses, medical record numbers, and hospital account details amongst other personal data.
Though the total number of affected consumers remains undisclosed, the repercussions for both PJ&A and the impacted individuals can be severe. Under California’s data breach laws, businesses are required to offer free identity theft protection and mitigation services to affected residents for no fewer than 12 months if their information was or is reasonably believed to have been breached.
For the legal professional dealing with data privacy and corporate responsibility, this event serves as a stark reminder of the obligations that businesses have to protect sensitive data. It emphasizes the need for robust network security measures and the potential legal consequences that can follow when those measures fail.
Additional information about the data breach and its implications for PJ&A can be found on the JD Supra report which presents a deeper and distinct perspective about it by Console and Associates, P.C.