Across the nation, Onsite Mammography supports health care providers - such as OB/GYN and primary care practices- with imaging services. By partnering with Onsite Mammography, healthcare providers can offer in-office mammograms. On April 21, 2025, Onsite Mammography...
30 Years Of Practice.
Firm News
Nationwide Recovery Service, Inc.(“NRS”) Data Breach Investigation
Nationwide Recovery Service, Inc. (“NRS”) is a debt collector for healthcare providers including Hamilton County Emergency Services (“EMS”) (TN), Vitruvian Health dba Hamilton Health Care System, Inc. (TN and GA), Rhea Medical Center (TN), Select Medical Holdings, and...
Data Breach Investigation involving Cleo Communications and Hertz, Dollar and Thrifty (“Hertz”)
Hertz, Dollar, and Thrifty (“Hertz”) utilize Cleo Communications’ file transfer system (“FTS”). Though Hertz’ specific use of the Cleo FTS is unknown, in some cases, FTS is used to transfer employee files between organizations. According to a report filed with a state...
Medical Express Ambulance Inc. dba MedEx Ambulance Data Breach Investigation
A year after 118,418 individuals had their personally identifiable information (“PII”) and protected health information (“PHI”) compromised, MedEx Ambulance (“MedEx”) provided notification to the affected individuals. On March 18, 2024, an unauthorized party gained...
Blue Shield of California and Google Data Breach Investigation
According to an April 9, 2025 report submitted by Blue Shield of California to the California Attorney General, between April 21, 2021 and January 2024, a Google Analytics configuration allowed insureds’ protected health information (“PHI”) to be shared with Google...
Laboratory Services Cooperative (“LSC”) Data Breach Investigation
Laboratory Services Cooperative (“LSC”) provides testing services to select Planned Parenthood (“PP”) centers in Alaska, Hawaii, Idaho, Indiana, Kentucky, and Washington, also known as “Planned Parenthood Great Northwest, Hawaii, Alaska, Indiana, Kentucky or...
Matthew Weiss, University of Michigan and Keffer Development Services [aka Athletic Trainer System(“ATS”)] Data Breach Investigation
Keffer Development Services [aka Athletic Trainer System("ATS")] produces software used by athletic trainers, medical professionals, athletes, students, coaches, administrators, and parents. The "ATS" data base includes student-athletes’ personal information. Between...
Cleo Communications, Inc. (“Cleo”) and WK Kellogg Co. (“Kellogg”) Data Breach Investigation
According to a report filed with a governmental entity, Kellogg uses a file transfer service (“FTS”) produced by Cleo to electronically transfer employee files to its human resource service vendors. Allegedly, a vulnerability in the “FTS” resulted in a December 7,...
Ortho minds, LLC Data Breach Investigation
Orthominds, LLC is an orthodontic management software platform used by orthodontic practices. The software assists practices with services such as billing, insurance filing, and scheduling. During a ten-day period in November 2024, an undisclosed number of individuals...
St. Joseph’s College of Maine (“SJCM”) Data Breach Investigation
Between December 15, 2023 and January 24, 2024, an unauthorized party gained access to SJCM’s network compromising 126,580 individuals’ personally identifiable information (“PII”) and protected health information (“PHI”). The PII and PHI that was compromised includes...

