Nemadji Research Corporation

Nemadji Research Corporation, operating under the alias Nemadji, is a U.S.-based entity engaged in providing patient eligibility verification services to healthcare organizations. The company acts as a contractor for clients such as county health departments, facilitating access to sensitive patient records as part of its operational scope. Its services involve handling protected health information, indicating a role in administrative or data processing functions within the healthcare sector. The organization's client base includes multiple healthcare entities, suggesting a business model oriented toward serving institutional rather than individual customers.

A 2019 cybersecurity incident exposed vulnerabilities in Nemadji's data handling practices. Unauthorized access to an employee's email account compromised sensitive information of approximately 15,000 individuals across several client organizations, including Los Angeles County's Department of Health Services. The breach revealed a critical failure in data protection protocols: encrypted patient records were stored alongside their corresponding decryption keys within the same email system, rendering encryption effectively useless. This lapse impacted multiple healthcare clients simultaneously, with at least one other entity reporting over 1,000 affected patients due to the same incident. The event underscores Nemadji's involvement in processing high-sensitivity data while highlighting operational risks associated with centralized access to decryption credentials. No explicit information is available regarding the organization's corporate structure, ownership, or scale beyond its contractual relationships with healthcare providers.