R1 RCM Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating R1 RCM Inc. (“R1”) regarding its recent data breach. The R1 data breach involved personal identifiable information and protected health information belonging to an undetermined number of individuals.


R1 is a revenue cycle management company based in Utah. Founded in 2003, R1 helps healthcare providers manage costs, increase revenue and streamline operations so they can deliver the quality care and empowered experience that patients deserve.2 The R1 Platform brings the power of AI, Intelligent Automation and Deep Data Analytics to healthcare through proprietary RCM optimization engines that turn complex data into financial and operating performance improvements.3 Headquartered in Murray, Utah, R1 has additional locations across the United States and Asia, and employs over 30,000 individuals.


Recently, R1 discovered that it had experienced a data breach in which personal identifiable information and protected health information in its systems may have been accessed and acquired. Through its investigation, R1 determined that an unauthorized party may have accessed sensitive information belonging to patients of St. Rose Dominican Hospital de Lima, a Dignity Health hospital, on November 17, 2023. As a result, R1 began notifying individuals whose information may have been impacted. The type of information potentially exposed includes:

  • Name
  • Social Security number
  • Date of birth
  • Contact information
  • Medical information (e.g., location of services, clinical and/or diagnosis information, patient account and/or medical record number)

If you received a breach notification letter from R1 RCM Inc.:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or sam@turkestrauss.com.

If you were impacted by the R1 data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by R1 RCM Inc.:
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: