Chartis Group Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Chartis Group, LLC regarding its recent data breach. The Chartis data breach involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.

ABOUT CHARTIS GROUP, LLC:

Chartis is a business consulting firm focused on providing advisory services to those in the healthcare industry. Founded in 2001, Chartis’ goal is to improving their client’s healthcare ecosystem, care delivery, and financing. Specifically, Chartis helps its clients achieve these goals through management consulting in the areas of strategy, partnerships, informatics and technology, analytics, clinical quality and patient safety services, workforce solutions, burnout solutions, and revenue cycle management. Headquartered in Chicago, Illinois, Chartis has additional office locations in Boston, New York, and San Fransico, and employs over 750 individuals.

WHAT HAPPENED?

On July 30, 2023, Chartis discovered that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. Chartis was able to determine that the specific system impacted belonged to Chartis’ Clinical Quality Solutions division, which was formerly known as The Greenley Company. Through its investigation, Chartis determined that an unauthorized actor may have accessed this sensitive information between July 16 and July 30, 2023. On October 19, 2023, Chartis began contacting individuals whose information may have been impacted. The type of information exposed includes:

• Name
• Social Security number
• Address
• Date of birth
• Driver’s license number
• Medical information (e.g., medical record number, admission and discharge dates, length of stay, procedure date, procedure type, medical diagnosis, treatment information, lab results, medical imaging, and medications)