U.S. Department of Health & Human Services

As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The following breaches have been reported to the Secretary: Cases Currently Under Investigation
This page lists all breaches reported within the last 24 months that are currently under investigation by the Office for Civil Rights.
Show Advanced Options

We are generating the report for you. Please wait......

Breach Report Results


Name of Covered Entity	State	Covered Entity Type	Individuals Affected	Breach Submission Date	Type of Breach	Location of Breached Information	Business Associate Present
Iowa Department of Health and Human Services	IA	Health Plan	833	05/26/2023	Unauthorized Access/Disclosure	Paper/Films	Yes
Lancaster Orthopedic Group	PA	Healthcare Provider	500	05/26/2023	Hacking/IT Incident	Network Server	No
UI Community Home Care, a subsidiary of University of Iowa Health System	IA	Healthcare Provider	67897	05/24/2023	Hacking/IT Incident	Electronic Medical Record, Network Server	No
Grant Regional Health Center	WI	Healthcare Provider	4135	05/23/2023	Hacking/IT Incident	Email	No
PillPack LLC	NH	Healthcare Provider	19032	05/19/2023	Hacking/IT Incident	Network Server	No
PartsSource, Inc. Welfare Benefit Plan	OH	Health Plan	1474	05/19/2023	Hacking/IT Incident	Network Server	No
Tennessee Orthopaedic Clinics	TN	Healthcare Provider	500	05/19/2023	Hacking/IT Incident	Network Server	No
Marshall Information Services, LLC dba Primary Solutions	OH	Business Associate	7456	05/18/2023	Hacking/IT Incident	Network Server	Yes
University of Missouri Health Care	MO	Healthcare Provider	736	05/17/2023	Unauthorized Access/Disclosure	Electronic Medical Record	No
Clarke County Hospital	IA	Healthcare Provider	28003	05/17/2023	Hacking/IT Incident	Network Server	No
Fertility Specialists Medical Group	CA	Healthcare Provider	9437	05/15/2023	Hacking/IT Incident	Network Server	No
Lehigh Valley Health Network	PA	Healthcare Provider	627	05/15/2023	Hacking/IT Incident	Network Server	No
R&B Corporation of Virginia d/b/a Credit Control Corporation	VA	Business Associate	345523	05/13/2023	Hacking/IT Incident	Network Server	Yes
PharMerica Corporation	KY	Healthcare Provider	5815591	05/12/2023	Hacking/IT Incident	Network Server	No
Great Expressions Dental Centers	MI	Healthcare Provider	528	05/12/2023	Hacking/IT Incident	Network Server	No
Sesame, Inc.	NY	Business Associate	1809	05/12/2023	Unauthorized Access/Disclosure	Network Server	Yes
Illinois Department of Healthcare and Family Services, Illinois Department of Human Services	IL	Health Plan	50839	05/12/2023	Hacking/IT Incident	Network Server	No
Solutran	MN	Business Associate	17728	05/12/2023	Hacking/IT Incident	Network Server	Yes
Health Benefit Plan of the Anchorage School District	AK	Health Plan	4598	05/12/2023	Theft	Laptop	No
United Healthcare Services, Inc. Single Affiliated Covered Entity	CT	Health Plan	1116	05/12/2023	Unauthorized Access/Disclosure	Email	No
Catholic Health System	NY	Healthcare Provider	12759	05/11/2023	Unauthorized Access/Disclosure	Electronic Medical Record	Yes
IMA Financial Group, Inc.	KS	Business Associate	2937	05/10/2023	Hacking/IT Incident	Network Server	Yes
Uintah Basin Healthcare	UT	Healthcare Provider	103974	05/10/2023	Hacking/IT Incident	Network Server	No
Brightline, Inc.	CA	Business Associate	28975	05/10/2023	Hacking/IT Incident	Other	Yes
Smile Doctors of Arizona, P.C. d/b/a Grinz Orthodontics ("Grinz Orthodontics")	AZ	Healthcare Provider	1034	05/09/2023	Theft	Desktop Computer	No
ASAS Health, LLC	TX	Healthcare Provider	25527	05/06/2023	Hacking/IT Incident	Desktop Computer, Laptop, Network Server	No
United Healthcare Services, Inc. Single Affiliated Covered Entity	CT	Health Plan	1971	05/05/2023	Unauthorized Access/Disclosure	Network Server	No
United Healthcare Services, Inc. Single Affiliated Covered Entity	CT	Health Plan	26561	05/05/2023	Hacking/IT Incident	Network Server	No
Our Sunday Visitor, Inc.	IN	Health Plan	965	05/05/2023	Hacking/IT Incident	Network Server	No
People Incorporated of Sequoyah County	OK	Healthcare Provider	8725	05/05/2023	Hacking/IT Incident	Network Server	No
New Mexico Department of Health	NM	Healthcare Provider	49000	05/04/2023	Unauthorized Access/Disclosure	Other	No
Methodist Family Health	AR	Healthcare Provider	5259	05/03/2023	Hacking/IT Incident	Network Server	No
Northwest Health – La Porte	IN	Healthcare Provider	10256	05/02/2023	Unauthorized Access/Disclosure	Paper/Films	No
Oyate Health Center	SD	Healthcare Provider	575	05/02/2023	Improper Disposal	Paper/Films	No
Herbert J. Thomas Memorial Hospital Association dba Thomas Memorial Hospital	WV	Healthcare Provider	2563	05/02/2023	Hacking/IT Incident	Network Server	Yes
University Urology	NY	Healthcare Provider	56816	05/01/2023	Hacking/IT Incident	Network Server	No
Summit Eye & Optical	NJ	Healthcare Provider	5727	05/01/2023	Hacking/IT Incident	Network Server	No
ReDiscover Mental Health	MO	Healthcare Provider	877	05/01/2023	Unauthorized Access/Disclosure	Email	No
Brightside Health, Inc.	CA	Healthcare Provider	767	04/30/2023	Unauthorized Access/Disclosure	Electronic Medical Record, Other	No
Link Audiology LLC	WA	Healthcare Provider	7200	04/28/2023	Hacking/IT Incident	Email	No
HealthPlan Services, Inc.	FL	Business Associate	9349	04/28/2023	Hacking/IT Incident	Network Server	Yes
Grohler Hearing Aid Center, INC DBA Beltone Hearing Aid Centers	VA	Healthcare Provider	5272	04/28/2023	Hacking/IT Incident	Email	No
Allina Health	MN	Healthcare Provider	1042	04/28/2023	Unauthorized Access/Disclosure	Network Server	No
Unlimited Care, Inc.	NY	Healthcare Provider	8453	04/27/2023	Hacking/IT Incident	Network Server	No
Delphi Drug & Alcohol Council	NY	Healthcare Provider	6288	04/27/2023	Hacking/IT Incident	Email	No
University of California, San Francisco	CA	Healthcare Provider	676	04/26/2023	Hacking/IT Incident	Email	No
CounSol, LLC	FL	Business Associate	4277	04/25/2023	Unauthorized Access/Disclosure	Network Server	Yes
Lake County Health Department and Community Health Center	IL	Healthcare Provider	17000	04/25/2023	Hacking/IT Incident	Email	No
Mars Area School District	PA	Health Plan	1270	04/24/2023	Hacking/IT Incident	Network Server	No
Robeson Health Care Corporation	NC	Healthcare Provider	15045	04/21/2023	Hacking/IT Incident	Network Server	No
Brightline, Inc.	CA	Business Associate	180694	04/20/2023	Hacking/IT Incident	Network Server, Other	Yes
Upper Peninsula Health Plan	MI	Health Plan	833	04/20/2023	Hacking/IT Incident	Network Server	Yes
Modern Cardiology Associates		Healthcare Provider	10000	04/19/2023	Hacking/IT Incident	Network Server	No
Graceworks Lutheran Services	OH	Healthcare Provider	6737	04/19/2023	Hacking/IT Incident	Network Server	No
Morgan Stanley	NY	Health Plan	535	04/18/2023	Unauthorized Access/Disclosure	Paper/Films	No
Integrated Medical Services	AZ	Healthcare Provider	6591	04/17/2023	Unauthorized Access/Disclosure	Paper/Films	No
Ethan Health, LLC	KY	Healthcare Provider	4047	04/14/2023	Hacking/IT Incident	Email	No
MiniMed Distribution Corp.	CA	Healthcare Provider	58374	04/14/2023	Unauthorized Access/Disclosure	Network Server	No
Dallas County	TX	Healthcare Provider	501	04/14/2023	Improper Disposal	Desktop Computer	No
United Steelworkers Local 286	PA	Health Plan	37965	04/14/2023	Hacking/IT Incident	Email	No
Two Rivers Public Health Department	NE	Healthcare Provider	15168	04/14/2023	Hacking/IT Incident	Email	No
Presence Healthcare Services dba Presence Medical Group	IL	Healthcare Provider	921	04/14/2023	Unauthorized Access/Disclosure	Paper/Films	No
Henry County Hospital	OH	Healthcare Provider	3689	04/14/2023	Hacking/IT Incident	Network Server	Yes
Brightline, Inc.	CA	Business Associate	49968	04/13/2023	Hacking/IT Incident	Network Server, Other	Yes
NationsBenefits Holdings, LLC	FL	Business Associate	3037303	04/13/2023	Hacking/IT Incident	Network Server	Yes
John Muir Health - Walnut Creek Medical Center	CA	Healthcare Provider	821	04/13/2023	Unauthorized Access/Disclosure	Network Server	No
Multnomah County	OR	Healthcare Provider	2721	04/12/2023	Theft	Paper/Films	No
Cummins Behavioral Health Systems	IN	Healthcare Provider	501	04/12/2023	Hacking/IT Incident	Network Server	No
Montgomery General Hospital	WV	Healthcare Provider	500	04/11/2023	Hacking/IT Incident	Network Server	No
Pathway Healthcare, LLC	AL	Healthcare Provider	1304	04/11/2023	Unauthorized Access/Disclosure	Email	No
Retina & Vitreous of Texas, PLLC	TX	Healthcare Provider	35766	04/10/2023	Hacking/IT Incident	Network Server	No
St. Vincent’s Ambulatory Care, Inc.	FL	Healthcare Provider	768	04/10/2023	Unauthorized Access/Disclosure	Electronic Medical Record	No
Iowa Department of Health and Human Services - Iowa Medicaid Enterprise (Iowa HHS-IME)	IA	Health Plan	20815	04/10/2023	Hacking/IT Incident	Network Server	Yes
La Clínica de La Raza, Inc.	CA	Healthcare Provider	15316	04/07/2023	Hacking/IT Incident	Email	No
Brightline, Inc.	CA	Business Associate	199000	04/07/2023	Hacking/IT Incident	Network Server	Yes
Brightline, Inc.	CA	Business Associate	21830	04/07/2023	Hacking/IT Incident	Network Server	Yes
Gretna Family Health	NE	Healthcare Provider	600	04/07/2023	Hacking/IT Incident	Network Server	No
Brightline, Inc.	CA	Business Associate	7411	04/07/2023	Hacking/IT Incident	Network Server	Yes
Brightline, Inc.	CA	Business Associate	31440	04/07/2023	Hacking/IT Incident	Network Server	Yes
Brightline, Inc.	CA	Business Associate	4044	04/07/2023	Hacking/IT Incident	Network Server	Yes
Brightline, Inc.	CA	Business Associate	462241	04/07/2023	Hacking/IT Incident	Network Server	Yes
Brightline, Inc.	CA	Business Associate	7672	04/07/2023	Hacking/IT Incident	Network Server	Yes
Centers for Medicare & Medicaid Services	MD	Health Plan	10011	04/07/2023	Unauthorized Access/Disclosure	Paper/Films	Yes
St. Luke's Health System, Ltd.	ID	Healthcare Provider	15246	04/06/2023	Unauthorized Access/Disclosure	Paper/Films	No
California Physicians’ Services dba Blue Shield of California	CA	Health Plan	1553	04/05/2023	Hacking/IT Incident	Network Server	Yes
NORTHEAST BEHAVIORAL HEALTH CARE CONSORTIUM	PA	Health Plan	13240	04/05/2023	Hacking/IT Incident	Email	No
California Physicians' Services d/b/a Blue Shield of California	CA	Business Associate	61790	04/04/2023	Hacking/IT Incident	Network Server	Yes
banis plastci surgery	KY	Healthcare Provider	4498	04/04/2023	Unauthorized Access/Disclosure	Email	No
Chippewa County	WI	Healthcare Provider	842	04/04/2023	Hacking/IT Incident	Network Server	No
Integrative Health of Utah, PLLC	UT	Healthcare Provider	600	04/03/2023	Theft	Electronic Medical Record, Paper/Films	No
Southwest Healthcare Services	ND	Healthcare Provider	15996	04/01/2023	Hacking/IT Incident	Network Server	No
Tallahassee Memorial Healthcare, Inc.	FL	Healthcare Provider	20376	03/31/2023	Hacking/IT Incident	Network Server	No
Monument, Inc.	NY	Business Associate	108584	03/31/2023	Unauthorized Access/Disclosure	Network Server	Yes
Santa Clara Family Health Plan	CA	Health Plan	276993	03/30/2023	Hacking/IT Incident	Network Server	Yes
Aspire Health Partners	FL	Healthcare Provider	999	03/29/2023	Improper Disposal	Paper/Films	No
UHS of Delaware, Inc.	PA	Business Associate	40290	03/29/2023	Hacking/IT Incident	Email	Yes
Nonstop Administration and Insurance Services, Inc.	PA	Business Associate	8571	03/27/2023	Hacking/IT Incident	Network Server	Yes
American Pain and Wellness, PLLC	TX	Healthcare Provider	7457	03/24/2023	Hacking/IT Incident	Network Server	No
NewBridge Services	NJ	Healthcare Provider	1457	03/24/2023	Hacking/IT Incident	Network Server	No
Atlantic General Hospital	MD	Healthcare Provider	26591	03/24/2023	Hacking/IT Incident	Network Server	No

We are generating the report for you. Please wait......

U.S. Department of Health and Human Services Office for Civil Rights Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information

U.S. Department of Health and Human Services
Office for Civil Rights

Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information