R1 RCM reports data breach affecting patient data

R1 RCM Inc has reported a data breach identified when it was discovered that an unauthorized entity had accessed confidential consumer information. R1 RCM Inc. is an American company specializing in revenue cycle management for the healthcare sector, offering its services to hospitals, health systems, and physician groups throughout the United States.

This breach involved information related to patients of Dignity Health – St. Rose Dominican Hospital de Lima, The breach occurred within R1 RCM's systems and not directly at Dignity Health. The initial discovery of this incident was on November 17, 2023, when it was found that data concerning some Dignity Health patients had been accessed by an unauthorized party.

The compromised data includes:

• names,
• contact information,
• dates of birth,
• Social Security numbers,
• service locations,
• clinical and diagnosis information,
• patient account and medical record numbers.

No details are disclosed about the nature of the attack or the number of affected individuals.

R1 RCM is dispatching notification letters to the impacted individuals, informing them of the breach and the particulars of their compromised data.