Inpatient Physician Associates Data Breach Exposes Private Health Info

Inpatient Physician Associates (IPA) recently experienced a significant data breach involving sensitive patient information. The breach originated from IPA's billing and patient records vendor, ALN Medical Management ("ALN"). ALN identified suspicious activity in March 2024 within certain systems hosted by a third-party service provider.

An investigation revealed that between March 18, 2024, and March 24, 2024, an unauthorized actor accessed and extracted files and folders containing sensitive patient information. After an extensive review, ALN confirmed that the breach impacted various types of personally identifiable information (PII) and protected health information (PHI) of IPA patients.

The exposed data included patient names, dates of birth, driver's license numbers, financial account details, health insurance information, medical information, mother's maiden names, payment card information, Social Security numbers, and taxpayer identification numbers.

On March 21, 2025, IPA began notifying affected individuals directly by letter. Given the nature of the data compromised, affected individuals face potential risks such as identity theft, financial fraud, and unauthorized use of medical information.

Inpatient Physician Associates's response

Inpatient Physician Associates has taken immediate steps to address the breach and support impacted patients. In collaboration with ALN, IPA has implemented additional security measures to strengthen data protection and prevent future incidents.

IPA is providing complimentary credit monitoring and identity theft protection services to individuals whose information was compromised. These services help affected individuals monitor their personal information and promptly detect suspicious activities or unauthorized use of their data.

If you received a notification from IPA or believe your information may have been compromised, it is important to take proactive measures to protect yourself. Consider enrolling in the free credit monitoring and identity theft protection services offered by IPA. Additionally, regularly review your financial statements, credit reports, and medical records for any unusual activity. If you identify suspicious activity, promptly report it to your financial institution, healthcare provider, or law enforcement authorities.

Individuals who have questions or concerns about this incident can contact IPA's dedicated assistance line at 1-877-720-6166. The assistance line is available between 9 a.m. and 9 p.m. Eastern Time, Monday through Friday, excluding holidays.

For more information, you can review IPA's official notification to patients posted on their website: IPA Patient Privacy Notice.

For more information about IPA, please visit their website at ipahospitalist.com.