PracticeMax Data Breach Class Action

Turke & Strauss LLP, a leading data breach law firm, recently filed a class action lawsuit against PracticeMax, Inc. regarding its recent data breach. The PracticeMax data breach involved sensitive personal identifiable information and protected health information belonging to over 150,000 individuals.


PracticeMax is a medical practice management firm that provides billing, consulting, and registration services to hospitals, physician offices, insurance companies, and other healthcare employers. PracticeMax partners with over 5,200 providers in all 50 states and processes over 2,400,000 patient/provider encounters. PracticeMax’s headquarters is in Phoenix, Arizona, with regional offices in Illinois, Nebraska, New York, Louisiana, Texas, and Oregon.


On May 1, 2021, PracticeMax learned it had experienced a data breach when it discovered ransomware on certain systems in its network. Later, PracticeMax determined that, between April 17 and May 5, 2021, the sensitive personal identifiable information and protected health information in its system may have been accessed and removed. In October 2021, PracticeMax began notifying individuals whose information may have been impacted. Additional data breach notification letters were sent in February and March 2022. Recently, on June 10, 2022, PracticeMax filed additional data breach notifications with various state governments signifying that more individuals likely needed notification that their personal identifiable information and protected health information may have been impacted. The type of information exposed in the PracticeMax breach includes:

  • Name
  • Social Security number
  • Address
  • Date of birth
  • Treatment and/or diagnosis information
  • Health insurance information
  • Financial information
  • Patient account number
  • Employer and employee identification number
  • Passport number
  • Driver’s license or state identification number
  • Prescription information
  • Provider or employer username and password

If you received a data breach notification letter from PracticeMax, Inc.:

Turke & Strauss recently filed a class action complaint against PracticeMax in the United States District Court for the District of Arizona. The lawsuit was filed on behalf of all impacted individuals in the United States. You can review a copy of the complaint here.

If you were impacted by the PracticeMax data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in the free credit monitoring service provided by PracticeMax;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: