b2b-daily
Home | IT | Cyber Security

Texas Therapy Provider Notifying Approximately 4 Million Patients of Data Theft Incident at Nevada Transcription Vendor

Avatar photo
by Craig Anderson
January 29, 2024
Image Credit: Unsplash 
Texas Therapy Provider Notifying Approximately 4 Million Patients of Data Theft Incident at Nevada Transcription Vendor
Table of Contents
  1. Scope of the Data Breach
  2. Identification of Affected Clients
  3. Impact on Other Healthcare Providers
  4. Warning about ID Theft and Fraud Risks
  5. Lawsuit Filed Against PJ&A and Mercy Health
  6. Claims and Lawsuits Against PJ&A
  7. Vulnerabilities of Medical Transcription Firms

A data theft incident at a Nevada-based medical transcription vendor last year has resulted in a Texas-based physical and occupational therapy provider notifying nearly 4 million patients that they have become victims of this breach. The compromise of the medical transcriber has potentially exposed the personal data of at least 14 million patients and counting, making it one of the largest breaches in the healthcare industry. This article delves into the impact of the breach, identifies affected clients, examines the legal actions taken, and highlights vulnerabilities in the medical transcription industry.

Scope of the Data Breach

The breach at the medical transcription vendor has had a significant impact, potentially compromising the personal data of at least 14 million patients, and the number continues to rise. With such a large amount of personal information exposed, there are concerns about the potential misuse of this data for identity theft and fraud purposes.

Identification of Affected Clients

While the Texas therapy provider, PJ&A, has not publicly named all of its clients affected by the hack, Concentra, another affected entity, has filed its own breach report to the HHS OCR. Concentra, a healthcare provider, is one of many organizations grappling with the aftermath of the breach. In addition, Crouse Health, a large healthcare provider in New York, has reported that an undisclosed number of its patients were also affected in the PJ&A incident.

Impact on Other Healthcare Providers

The data breach has had a ripple effect on the healthcare industry, with various organizations and providers being affected. Crouse Health’s disclosure regarding their affected patients further highlights the far-reaching impact of the breach.

Warning about ID Theft and Fraud Risks

In response to the PJ&A incident, New York’s Attorney General issued a public warning about the potential risks of identity theft and fraud faced by the affected patients. This highlights the severity of the breach and the need for individuals to remain vigilant and take proactive measures to protect their personal information.

Lawsuit Filed Against PJ&A and Mercy Health

A proposed federal class-action lawsuit complaint was filed against PJ&A and Mercy Health, another medical transcription client affected by the breach. The lawsuit alleges negligence and other claims against the organizations for their failure to safeguard patients’ sensitive information. This legal action underscores the accountability of organizations in protecting patients’ data.

Claims and Lawsuits Against PJ&A

PJ&A is facing similar claims in dozens of other lawsuits, which largely seek financial damages and injunctive orders to improve the company’s data security measures. The magnitude and severity of the breach have sparked legal actions against PJ&A, reflecting the importance of robust data security protocols in the healthcare industry.

Concentra, the Texas therapy provider affected by the breach, has been asked to provide additional information regarding the PJ&A incident. This includes inquiring about whether any of the therapy provider’s patients have reported incidents of identity theft or fraud that they suspect may be linked to the hack. Understanding the impact on affected patients is crucial to assessing the full extent of the breach.

Vulnerabilities of Medical Transcription Firms

Experts have highlighted several inherent traits that make medical transcription firms appealing targets for hackers. Historically, many of these companies were “mom and pop businesses” lacking robust security and privacy controls, which made them easy targets. The breach at the Nevada transcription vendor underscores the urgent need for enhanced security measures within the medical transcription industry.

The data breach at the Nevada-based transcription vendor has had far-reaching consequences for the healthcare industry. With nearly 4 million patients affected and the number continuously growing, it is imperative that organizations prioritize data security and privacy. The legal actions taken against PJ&A and Mercy Health, along with the warnings issued by authorities, serve as reminders of the need for enhanced cybersecurity measures in the medical transcription industry. Protecting patient data must be a top priority to prevent further breaches and ensure the trust and safety of individuals seeking medical care.

Digital TransformationHealthcareInformation Security

Explore more

Resilience Becomes the New Velocity for DevOps in 2026
December 19, 2025

With extensive expertise in artificial intelligence, machine learning, and blockchain, Dominic Jainy has a unique perspective on the forces reshaping modern software delivery. As AI-driven development accelerates release cycles to unprecedented speeds, he argues that the industry is at a critical inflection point. The conversation has shifted from a singular focus on velocity to a more nuanced understanding of system

Can a Failed ERP Implementation Be Saved?
December 19, 2025

The ripple effect of a malfunctioning Enterprise Resource Planning system can bring a thriving organization to its knees, silently eroding operational efficiency, financial integrity, and employee morale. An ERP platform is meant to be the central nervous system of a business, unifying data and processes from finance to the supply chain. When it fails, the consequences are immediate and severe.

When Should You Upgrade to Business Central?
December 19, 2025

Introduction The operational rhythm of a growing business is often dictated by the efficiency of its core systems, yet many organizations find themselves tethered to outdated enterprise resource planning platforms that silently erode productivity and obscure critical insights. These legacy systems, once the backbone of operations, can become significant barriers to scalability, forcing teams into cycles of manual data entry,

Is Your ERP Ready for Secure, Actionable AI?
December 19, 2025

Today, we’re speaking with Dominic Jainy, an IT professional whose expertise lies at the intersection of artificial intelligence, machine learning, and enterprise systems. We’ll be exploring one of the most critical challenges facing modern businesses: securely and effectively connecting AI to the core of their operations, the ERP. Our conversation will focus on three key pillars for a successful integration:

Trend Analysis: Next-Generation ERP Automation
December 19, 2025

The long-standing relationship between users and their enterprise resource planning systems is being fundamentally rewritten, moving beyond passive data entry toward an active partnership with intelligent, autonomous agents. From digital assistants to these new autonomous entities, the nature of enterprise automation is undergoing a radical transformation. This analysis explores the leap from AI-powered suggestions to true, autonomous execution within ERP