Skip to main content
eye close up

Summit Eye Data Breach Investigation

Written by The Lyon Firm on . Posted in Data Breach, Litigation Update.

The Lyon Firm is actively involved in personal privacy and healthcare data theft cases and is currently investigating Eye Care Leaders systems, including Evergreen Health and Summit Eye data breach claims on behalf of plaintiffs nationwide.

Summit Eye Associates was notified of a data security incident experienced by Eye Care Leaders, a third-party provider of the myCare Integrity medical platform that is used by Summit Eye Associates. According to Eye Care Leaders, on or around December 4, 2021, an unauthorized party accessed myCare Integrity data and deleted databases and system configuration files. It was later discovered that an unauthorized actor may have gained information related to patients at Summit.

The Eye Care Leaders breach was confined to the myCare Identity solution, and the specific systems of individual eye care providers were not compromised. It is currently unclear how many individuals have been affected by the breach, but it could massive, seeing that Eye Care Leaders provides software solutions to more than 9,000 ophthalmologists and optometrists.

Other than Summit, another known entity impacted was Evergreen Health. Evergreen has sent notifications to over 20,000 patients in April 2022. Evergreen noted the breach only affected data related to the Evergreen Health Eye Care Clinic.

Ohio-based Allied Eye Physicians & Surgeons Inc. reported to the Maine attorney general’s office that a hacking incident affected almost 21,000 individuals.

Regional Eye Associates Inc. of West Virginia posted a notification statement on its website regarding a hacking incident but did not name the vendor.

Summit Eye did not notify victims of the breach until on or around April 27, 2022. According to the HHS site, the data of 53,818 individuals was compromised in the breach.

Summit Eye Associates is a medical group practice located in Hermitage, Tennessee that specialize in ophthalmology. If you received a data breach notification letter from Summit Eye, please contact us as soon as possible to understand your legal rights in response to the data breach.

summit eye data breach notice

 

Several vision care practices around the country have reported data breaches involving the ECL incident. The Department of Health and Human Services’ Office for Civil Rights’ HIPAA Breach Reporting Tool website indicates more data breach reports filed by vision practices, related to the ECL security incident, including:

  • Frank Eye Center in Kansas – 26,333 individuals
  • Ilumin (Arkfeld, Parson & Goldstein) in Nebraska – nearly 15,000 individuals
  • Northern Eye Care Associates in Michigan – 8,000 individuals
  • Ad Astra Eye LLC in Kansas – 3,700 individuals
  • Summit Eye in Tennessee – over 50,000 individuals
  • Regional Eye Associates Inc. & Surgical Eye Center in Morgantown, West Virginia – 194,035 individuals
  • Texas Tech University – 1.2 million individuals