U.S. Department of Health and Human Services
Office for Civil Rights
Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information

Person sitting at a laptop


As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The following breaches have been reported to the Secretary:

Cases Currently Under Investigation
This page lists all breaches reported within the last 24 months that are currently under investigation by the Office for Civil Rights.
  Show Advanced Options
We are generating the report for you. Please wait......
ExcelPDFCSVXML
Breach Report Results
Expand AllName of Covered EntityStateCovered Entity TypeIndividuals AffectedBreach Submission DateType of BreachLocation of Breached Information
Southeast Nursing and Rehab CenterTXHealthcare Provider60006/06/2023Improper DisposalOther, Paper/FilmsNo
T. Rowe Price Group, Inc.MDHealth Plan68406/02/2023Hacking/IT IncidentNetwork ServerYes
Elgon Information SystemsMABusiness Associate3124806/02/2023Hacking/IT IncidentNetwork ServerYes
Mercy Medical Center - Clinton, Inc.IAHealthcare Provider2086506/02/2023Hacking/IT IncidentNetwork ServerNo
Pain Relief Centers PANCHealthcare Provider700006/01/2023Unauthorized Access/DisclosureElectronic Medical RecordNo
Builders FirstSource Flex PlanTXHealth Plan369005/30/2023Hacking/IT IncidentNetwork ServerNo
Iowa Department of Health and Human Services - Iowa Medicaid (Iowa HHS-IM)IAHealth Plan23383405/30/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate99605/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate138905/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate119105/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate151805/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate52405/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate50705/26/2023Hacking/IT IncidentNetwork ServerYes
Pioneer Valley Ophthalmic Consultants, PCMAHealthcare Provider3627505/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate98305/26/2023Hacking/IT IncidentNetwork ServerYes
Brightline, Inc.CABusiness Associate843205/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate80305/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate114705/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate53705/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate79605/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate109705/26/2023Hacking/IT IncidentNetwork ServerYes
Alvaria, Inc.MABusiness Associate91605/26/2023Hacking/IT IncidentNetwork ServerYes
Sparta Community Hospital DistrictILHealthcare Provider90005/26/2023Hacking/IT IncidentEmailNo
Managed Care of North America (MCNA)GABusiness Associate886107605/26/2023Hacking/IT IncidentNetwork ServerYes
Iowa Department of Health and Human ServicesIAHealth Plan83305/26/2023Unauthorized Access/DisclosurePaper/FilmsYes
South Jersey Behavioral Health Resources, Inc.NJHealthcare Provider219305/26/2023Unauthorized Access/DisclosureEmailNo
Valley Orthopaedic SpecialistsCTHealthcare Provider506205/26/2023Hacking/IT IncidentNetwork ServerNo
Lancaster Orthopedic GroupPAHealthcare Provider50005/26/2023Hacking/IT IncidentNetwork ServerNo
Albany ENT & Allergy Services, PC.NYHealthcare Provider22448605/25/2023Hacking/IT IncidentNetwork ServerNo
Asian Health ServicesCAHealthcare Provider627005/25/2023Hacking/IT IncidentEmailNo
Vascular Center of Intervention, Inc.CAHealthcare Provider383305/24/2023Hacking/IT IncidentNetwork ServerNo
Harvard Pilgrim Health CareMAHealth Plan255092205/24/2023Hacking/IT IncidentNetwork ServerNo
MedInform, Inc.OHBusiness Associate1445305/24/2023Hacking/IT IncidentNetwork ServerYes
The CSC Generation Holdings, Inc. Health and Welfare PlanWAHealth Plan221905/24/2023Hacking/IT IncidentNetwork ServerNo
UI Community Home Care, a subsidiary of University of Iowa Health System IAHealthcare Provider6789705/24/2023Hacking/IT IncidentElectronic Medical Record, Network ServerNo
Culbertson Memorial Hospital ILHealthcare Provider50105/24/2023Hacking/IT IncidentNetwork ServerNo
Grant Regional Health CenterWIHealthcare Provider413505/23/2023Hacking/IT IncidentEmailNo
County of SacramentoCAHealthcare Provider100005/23/2023Hacking/IT IncidentEmailNo
Topcon Healthcare Solutions, Inc.NJBusiness Associate420905/22/2023Hacking/IT IncidentNetwork ServerYes
PillPack LLCNHHealthcare Provider1903205/19/2023Hacking/IT IncidentNetwork ServerNo
PartsSource, Inc. Welfare Benefit PlanOHHealth Plan147405/19/2023Hacking/IT IncidentNetwork ServerNo
Tennessee Orthopaedic Clinics TNHealthcare Provider50005/19/2023Hacking/IT IncidentNetwork ServerNo
Marshall Information Services, LLC dba Primary Solutions OHBusiness Associate745605/18/2023Hacking/IT IncidentNetwork ServerYes
University of Missouri Health Care MOHealthcare Provider73605/17/2023Unauthorized Access/DisclosureElectronic Medical RecordNo
Clarke County Hospital IAHealthcare Provider2800305/17/2023Hacking/IT IncidentNetwork ServerNo
Buckeye Health PlanOHHealth Plan68605/16/2023Unauthorized Access/DisclosureEmailNo
Fertility Specialists Medical GroupCAHealthcare Provider943705/15/2023Hacking/IT IncidentNetwork ServerNo
Lehigh Valley Health NetworkPAHealthcare Provider62705/15/2023Hacking/IT IncidentNetwork ServerNo
R&B Corporation of Virginia d/b/a Credit Control CorporationVABusiness Associate34552305/13/2023Hacking/IT IncidentNetwork ServerYes
PharMerica CorporationKYHealthcare Provider581559105/12/2023Hacking/IT IncidentNetwork ServerNo
Great Expressions Dental CentersMIHealthcare Provider52805/12/2023Hacking/IT IncidentNetwork ServerNo
Sesame, Inc.NYBusiness Associate180905/12/2023Unauthorized Access/DisclosureNetwork ServerYes
Illinois Department of Healthcare and Family Services, Illinois Department of Human ServicesILHealth Plan5083905/12/2023Hacking/IT IncidentNetwork ServerNo
SolutranMNBusiness Associate1772805/12/2023Hacking/IT IncidentNetwork ServerYes
Health Benefit Plan of the Anchorage School DistrictAKHealth Plan459805/12/2023TheftLaptopNo
United Healthcare Services, Inc. Single Affiliated Covered EntityCTHealth Plan111605/12/2023Unauthorized Access/DisclosureEmailNo
Catholic Health SystemNYHealthcare Provider1275905/11/2023Unauthorized Access/DisclosureElectronic Medical RecordYes
IMA Financial Group, Inc.KSBusiness Associate293705/10/2023Hacking/IT IncidentNetwork ServerYes
Uintah Basin HealthcareUTHealthcare Provider10397405/10/2023Hacking/IT IncidentNetwork ServerNo
Brightline, Inc.CABusiness Associate2897505/10/2023Hacking/IT IncidentOtherYes
Smile Doctors of Arizona, P.C. d/b/a Grinz Orthodontics ("Grinz Orthodontics")AZHealthcare Provider103405/09/2023TheftDesktop ComputerNo
ASAS Health, LLCTXHealthcare Provider2552705/06/2023Hacking/IT IncidentDesktop Computer, Laptop, Network ServerNo
United Healthcare Services, Inc. Single Affiliated Covered EntityCTHealth Plan197105/05/2023Unauthorized Access/DisclosureNetwork ServerNo
United Healthcare Services, Inc. Single Affiliated Covered EntityCTHealth Plan2656105/05/2023Hacking/IT IncidentNetwork ServerNo
Our Sunday Visitor, Inc.INHealth Plan96505/05/2023Hacking/IT IncidentNetwork ServerNo
People Incorporated of Sequoyah CountyOKHealthcare Provider872505/05/2023Hacking/IT IncidentNetwork ServerNo
New Mexico Department of HealthNMHealthcare Provider4900005/04/2023Unauthorized Access/DisclosureOtherNo
Methodist Family HealthARHealthcare Provider525905/03/2023Hacking/IT IncidentNetwork ServerNo
Northwest Health – La PorteINHealthcare Provider1025605/02/2023Unauthorized Access/DisclosurePaper/FilmsNo
Oyate Health CenterSDHealthcare Provider57505/02/2023Improper DisposalPaper/FilmsNo
Herbert J. Thomas Memorial Hospital Association dba Thomas Memorial Hospital WVHealthcare Provider256305/02/2023Hacking/IT IncidentNetwork ServerYes
University UrologyNYHealthcare Provider5681605/01/2023Hacking/IT IncidentNetwork ServerNo
Summit Eye & OpticalNJHealthcare Provider572705/01/2023Hacking/IT IncidentNetwork ServerNo
ReDiscover Mental HealthMOHealthcare Provider87705/01/2023Unauthorized Access/DisclosureEmailNo
Brightside Health, Inc.CAHealthcare Provider76704/30/2023Unauthorized Access/DisclosureElectronic Medical Record, OtherNo
Link Audiology LLCWAHealthcare Provider720004/28/2023Hacking/IT IncidentEmailNo
HealthPlan Services, Inc.FLBusiness Associate934904/28/2023Hacking/IT IncidentNetwork ServerYes
Grohler Hearing Aid Center, INC DBA Beltone Hearing Aid CentersVAHealthcare Provider527204/28/2023Hacking/IT IncidentEmailNo
Allina HealthMNHealthcare Provider104204/28/2023Unauthorized Access/DisclosureNetwork ServerNo
Unlimited Care, Inc. NYHealthcare Provider845304/27/2023Hacking/IT IncidentNetwork ServerNo
Delphi Drug & Alcohol CouncilNYHealthcare Provider628804/27/2023Hacking/IT IncidentEmailNo
University of California, San FranciscoCAHealthcare Provider67604/26/2023Hacking/IT IncidentEmailNo
CounSol, LLCFLBusiness Associate427704/25/2023Unauthorized Access/DisclosureNetwork ServerYes
Lake County Health Department and Community Health CenterILHealthcare Provider1700004/25/2023Hacking/IT IncidentEmailNo
Mars Area School District PAHealth Plan127004/24/2023Hacking/IT IncidentNetwork ServerNo
Robeson Health Care CorporationNCHealthcare Provider1504504/21/2023Hacking/IT IncidentNetwork ServerNo
Brightline, Inc.CABusiness Associate18069404/20/2023Hacking/IT IncidentNetwork Server, OtherYes
Upper Peninsula Health Plan MIHealth Plan83304/20/2023Hacking/IT IncidentNetwork ServerYes
Modern Cardiology AssociatesHealthcare Provider1000004/19/2023Hacking/IT IncidentNetwork ServerNo
Graceworks Lutheran ServicesOHHealthcare Provider673704/19/2023Hacking/IT IncidentNetwork ServerNo
Morgan StanleyNYHealth Plan53504/18/2023Unauthorized Access/DisclosurePaper/FilmsNo
Integrated Medical ServicesAZHealthcare Provider659104/17/2023Unauthorized Access/DisclosurePaper/FilmsNo
Ethan Health, LLCKYHealthcare Provider404704/14/2023Hacking/IT IncidentEmailNo
MiniMed Distribution Corp.CAHealthcare Provider5837404/14/2023Unauthorized Access/DisclosureNetwork ServerNo
Dallas CountyTXHealthcare Provider50104/14/2023Improper DisposalDesktop ComputerNo
United Steelworkers Local 286PAHealth Plan3796504/14/2023Hacking/IT IncidentEmailNo
Two Rivers Public Health DepartmentNEHealthcare Provider1516804/14/2023Hacking/IT IncidentEmailNo
Presence Healthcare Services dba Presence Medical Group ILHealthcare Provider92104/14/2023Unauthorized Access/DisclosurePaper/FilmsNo
Henry County HospitalOHHealthcare Provider368904/14/2023Hacking/IT IncidentNetwork ServerYes
Brightline, Inc.CABusiness Associate4996804/13/2023Hacking/IT IncidentNetwork Server, OtherYes
We are generating the report for you. Please wait......
  
U.S. Department of Health & Human Services - 200 Independence Avenue, S.W. - Washington, D.C. 20201 HHS Vulnerability Disclosure