b2b-daily
Home | IT | Cyber Security

Texas Therapy Provider Notifying Approximately 4 Million Patients of Data Theft Incident at Nevada Transcription Vendor

Avatar photo
by Craig Anderson
January 29, 2024
Image Credit: Unsplash 
Texas Therapy Provider Notifying Approximately 4 Million Patients of Data Theft Incident at Nevada Transcription Vendor
Table of Contents
  1. Scope of the Data Breach
  2. Identification of Affected Clients
  3. Impact on Other Healthcare Providers
  4. Warning about ID Theft and Fraud Risks
  5. Lawsuit Filed Against PJ&A and Mercy Health
  6. Claims and Lawsuits Against PJ&A
  7. Vulnerabilities of Medical Transcription Firms

A data theft incident at a Nevada-based medical transcription vendor last year has resulted in a Texas-based physical and occupational therapy provider notifying nearly 4 million patients that they have become victims of this breach. The compromise of the medical transcriber has potentially exposed the personal data of at least 14 million patients and counting, making it one of the largest breaches in the healthcare industry. This article delves into the impact of the breach, identifies affected clients, examines the legal actions taken, and highlights vulnerabilities in the medical transcription industry.

Scope of the Data Breach

The breach at the medical transcription vendor has had a significant impact, potentially compromising the personal data of at least 14 million patients, and the number continues to rise. With such a large amount of personal information exposed, there are concerns about the potential misuse of this data for identity theft and fraud purposes.

Identification of Affected Clients

While the Texas therapy provider, PJ&A, has not publicly named all of its clients affected by the hack, Concentra, another affected entity, has filed its own breach report to the HHS OCR. Concentra, a healthcare provider, is one of many organizations grappling with the aftermath of the breach. In addition, Crouse Health, a large healthcare provider in New York, has reported that an undisclosed number of its patients were also affected in the PJ&A incident.

Impact on Other Healthcare Providers

The data breach has had a ripple effect on the healthcare industry, with various organizations and providers being affected. Crouse Health’s disclosure regarding their affected patients further highlights the far-reaching impact of the breach.

Warning about ID Theft and Fraud Risks

In response to the PJ&A incident, New York’s Attorney General issued a public warning about the potential risks of identity theft and fraud faced by the affected patients. This highlights the severity of the breach and the need for individuals to remain vigilant and take proactive measures to protect their personal information.

Lawsuit Filed Against PJ&A and Mercy Health

A proposed federal class-action lawsuit complaint was filed against PJ&A and Mercy Health, another medical transcription client affected by the breach. The lawsuit alleges negligence and other claims against the organizations for their failure to safeguard patients’ sensitive information. This legal action underscores the accountability of organizations in protecting patients’ data.

Claims and Lawsuits Against PJ&A

PJ&A is facing similar claims in dozens of other lawsuits, which largely seek financial damages and injunctive orders to improve the company’s data security measures. The magnitude and severity of the breach have sparked legal actions against PJ&A, reflecting the importance of robust data security protocols in the healthcare industry.

Concentra, the Texas therapy provider affected by the breach, has been asked to provide additional information regarding the PJ&A incident. This includes inquiring about whether any of the therapy provider’s patients have reported incidents of identity theft or fraud that they suspect may be linked to the hack. Understanding the impact on affected patients is crucial to assessing the full extent of the breach.

Vulnerabilities of Medical Transcription Firms

Experts have highlighted several inherent traits that make medical transcription firms appealing targets for hackers. Historically, many of these companies were “mom and pop businesses” lacking robust security and privacy controls, which made them easy targets. The breach at the Nevada transcription vendor underscores the urgent need for enhanced security measures within the medical transcription industry.

The data breach at the Nevada-based transcription vendor has had far-reaching consequences for the healthcare industry. With nearly 4 million patients affected and the number continuously growing, it is imperative that organizations prioritize data security and privacy. The legal actions taken against PJ&A and Mercy Health, along with the warnings issued by authorities, serve as reminders of the need for enhanced cybersecurity measures in the medical transcription industry. Protecting patient data must be a top priority to prevent further breaches and ensure the trust and safety of individuals seeking medical care.

Digital TransformationHealthcareInformation Security

Explore more

AI Redefines the Data Engineer’s Strategic Role
January 30, 2026

A self-driving vehicle misinterprets a stop sign, a diagnostic AI misses a critical tumor marker, a financial model approves a fraudulent transaction—these catastrophic failures often trace back not to a flawed algorithm, but to the silent, foundational layer of data it was built upon. In this high-stakes environment, the role of the data engineer has been irrevocably transformed. Once a

Generative AI Data Architecture – Review
January 30, 2026

The monumental migration of generative AI from the controlled confines of innovation labs into the unpredictable environment of core business operations has exposed a critical vulnerability within the modern enterprise. This review will explore the evolution of the data architectures that support it, its key components, performance requirements, and the impact it has had on business operations. The purpose of

Is Data Science Still the Sexiest Job of the 21st Century?
January 30, 2026

More than a decade after it was famously anointed by Harvard Business Review, the role of the data scientist has transitioned from a novel, almost mythical profession into a mature and deeply integrated corporate function. The initial allure, rooted in rarity and the promise of taming vast, untamed datasets, has given way to a more pragmatic reality where value is

Trend Analysis: Digital Marketing Agencies
January 30, 2026

The escalating complexity of the modern digital ecosystem has transformed what was once a manageable in-house function into a specialized discipline, compelling businesses to seek external expertise not merely for tactical execution but for strategic survival and growth. In this environment, selecting a marketing partner is one of the most critical decisions a company can make. The right agency acts

AI Will Reshape Wealth Management for a New Generation
January 30, 2026

The financial landscape is undergoing a seismic shift, driven by a convergence of forces that are fundamentally altering the very definition of wealth and the nature of advice. A decade marked by rapid technological advancement, unprecedented economic cycles, and the dawn of the largest intergenerational wealth transfer in history has set the stage for a transformative era in US wealth