Rhea Medical Center has issued a notification to more than 8,000 people whose personal and protected health information was caught up in a breach at Nationwide Recovery Services last July.
Nationwide Recovery Services is a debt collection agency that the Tennessee medical center uses. At the time of the breach, they reportedly had data from more than 8,309 Rhea patients. The information in their files included provider names, addresses, Social Security numbers, financial information, and medical information.
The Nationwide Recovery Services reported the breach by email in July 2o24 to both the City and County of Chattanooga and then by letter dated February 7, 2025. The county later claimed that the July 2024 email did not constitute legal notice of a breach and that they did not receive the February letter until April 4, 2025. The hacking incident affected approximately 14,000 patients of Hamilton County EMS.
There was no mention in Rhea Medical Center’s notification as to whether Nationwide had alerted them back in July 2024 that there had been a breach.