Avem Health Partners hit by Data Breach, Exposing Patients

On or around December 14, 2022, Avem Health Partners announced that a cybersecurity breach left its servers susceptible to attack. Around May 2022, the company learned from a third party vendor, 365 Data Centers, that private information was made vulnerable to outside agents resulting in an unknown actor being able to access their health organization information, including patient data.

Avem Health Partners is an Oklahoma based hospital management company which provides healthcare organizations with administrative and technological services. The Avem group outsourced some of their certain services to other companies, one of which was 365 Data Centers where the data breach initially occurred. Investigations pinpoint the data breach as early as May 2022, but Avem did not start notifying health organizations until September 9, 2022. Patients remained unaware for a few more months until Avem distributed letters.

Patient information such as patient names, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, diagnosis and treatment information and potentially much more has been exposed.

If you received a letter from Avem Health Partners or 365 Data Centers indicating that your information was involved in a data breach, fill out the this form to participate in Shub Law’s investigation.