Cardiovascular Associates Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Cardiovascular Associates, PC, a physician’s office that partners with external healthcare providers, including Brookwood Baptist Health, regarding its recent data breach. The Cardiovascular Associates data breach involved sensitive personal identifiable information and protected health belonging to over 441,000 individuals.


Cardiovascular Associates is a physician’s office that specializes in providing cardiovascular services throughout Alabama. Since its founding in 1946, Cardiovascular Associates has expanded its diagnostic and treatment options in the realms of prevention, intervention, and treatment. Currently, Cardiovascular Associates is capable of treating everything from advanced heart failure to vascular disease through a multi-pronged and personalized approach involving diet, exercise, surgery, and medication. Additionally, Cardiovascular Associates possesses expertise in heart disease issues specific to women. Headquartered in Birmingham, Alabama, Cardiovascular Associates operates seven facilities throughout Alabama, including in-house services with Brookwood Baptist Health.


On December 5, 2022, Cardiovascular Associates discovered that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and obtained. Through its investigation, Cardiovascular Associates determined that an unauthorized actor accessed and acquired this sensitive information between November 28 and December 5, 2022. Cardiovascular Associates posted a preliminary online notice of its data breach on February 3, 2023. On March 17, 2023, Cardiovascular Associates began contacting individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number
  • Date of birth
  • Address
  • Passport number
  • Driver’s license number
  • Username or password
  • Financial information (e.g., account information, credit or debit card number)
  • Health insurance information (e.g., member ID number, policy or group number)
  • Medical information (e.g., record number, dates of service, provider name, diagnosis or treatment information)

If you received a breach notification letter from Cardiovascular Associates or Brookwood Baptist Health:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the Cardiovascular Associates data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by Cardiovascular Associates, PC;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: