Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: MED
Year(s) of Breach: 2018
Company or Organization: all
Date Made Public:
December 31, 2018
Company: Humana Inc
Location: , Kentucky
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
684

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 29, 2018
Company: Choice Rehabilitation
Location: , Missouri
Type of breach:
HACK
Type of organization:
MED
Records Breached:
4,309

Location of breached information: Email, Laptop

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
December 28, 2018
Company: Wolverine Solutions Group
Location: , Michigan
Type of breach:
HACK
Type of organization:
MED
Records Breached:
48,471

Location of breached information: Desktop Computer, Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
December 27, 2018
Company: WEA Insurance Corporation
Location: , Wisconsin
Type of breach:
HACK
Type of organization:
MED
Records Breached:
850

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 21, 2018
Company: SEIU Local 32BJ, District 36 Building Operators Welfare Trust Fund
Location: , Pennsylvania
Type of breach:
DISC
Type of organization:
MED
Records Breached:
911

Location of breached information: Email

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
December 21, 2018
Company: Kent County Community Mental Health Authority
Location: , Michigan
Type of breach:
HACK
Type of organization:
MED
Records Breached:
2,284

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 21, 2018
Company: DePaul University
Location: , Illinois
Type of breach:
DISC
Type of organization:
MED
Records Breached:
656

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 20, 2018
Company: JAND Inc. d/b/a Warby Parker
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
177,890

Location of breached information: Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 20, 2018
Company: The Podiatric Offices of Bobby Yee
Location: , California
Type of breach:
HACK
Type of organization:
MED
Records Breached:
24,000

Location of breached information: Desktop Computer, Laptop, Other Portable Electronic Device

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 20, 2018
Company: Dermatologists of Southwest Ohio
Location: , Ohio
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
733

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 19, 2018
Company: Virtual Radiologic Professionals, LLC
Location: , Minnesota
Type of breach:
HACK
Type of organization:
MED
Records Breached:
2,568

Location of breached information: Other

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
December 18, 2018
Company: Tift Regional Medical Center
Location: , Georgia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,045

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 18, 2018
Company: Barnes-Jewish Hospital
Location: , Missouri
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,643

Location of breached information: Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 17, 2018
Company: University of Vermont Health Network - Elizabethtown Community Hospital
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
32,470

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 17, 2018
Company: Fort Defiance Indian Hospital
Location: , Arizona
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,000

Location of breached information: Desktop Computer

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 16, 2018
Company: Ben-Ora, Hansen & Vanesian Imaging, Ltd d/b/a Solis Mammography
Location: , Arizona
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
500

Location of breached information: Desktop Computer

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 14, 2018
Company: Massachusetts General Hospital
Location: , Massachusetts
Type of breach:
DISC
Type of organization:
MED
Records Breached:
588

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 13, 2018
Company: Contra Costa Health Plan
Location: , California
Type of breach:
DISC
Type of organization:
MED
Records Breached:
862

Location of breached information: Electronic Medical Record, Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 13, 2018
Company: Smile Designs by Sandwick
Location: , Minnesota
Type of breach:
HACK
Type of organization:
MED
Records Breached:
900

Location of breached information: Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 11, 2018
Company: Adams County
Location: , Wisconsin
Type of breach:
DISC
Type of organization:
MED
Records Breached:
258,120

Location of breached information: Network Server, Other

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 11, 2018
Company: Ramsey County
Location: , Minnesota
Type of breach:
HACK
Type of organization:
MED
Records Breached:
599

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 8, 2018
Company: Leon A Cohen MM.,PA
Location: , Florida
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
2,122

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
December 4, 2018
Company: Butler County Board of County Commissioners
Location: , Ohio
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,912

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: CHI Health Care, Inc.
Location: , Maryland
Type of breach:
DISC
Type of organization:
MED
Records Breached:
722

Location of breached information: Other Portable Electronic Device, Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Mind and Motion, LLC
Location: , Georgia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
16,000

Location of breached information: Network Server

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: CCRM Dallas-Fort Worth
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
1,117

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Thielen Student Health Center
Location: , Iowa
Type of breach:
DISC
Type of organization:
MED
Records Breached:
599

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Prairie Fields Family Medicine, PC
Location: , Nebraska
Type of breach:
DISC
Type of organization:
MED
Records Breached:
6,450

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 30, 2018
Company: Georgia Department of Human Services
Location: , Georgia
Type of breach:
DISC
Type of organization:
MED
Records Breached:
435,339

Location of breached information: Network Server, Other Portable Electronic Device

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 28, 2018
Company: OrthoTexas Physicians and Surgeons, PLLC
Location: , Texas
Type of breach:
DISC
Type of organization:
MED
Records Breached:
2,172

Location of breached information: Paper/Films

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 28, 2018
Company: Steward Medical Group
Location: , Massachusetts
Type of breach:
HACK
Type of organization:
MED
Records Breached:
16,276

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 27, 2018
Company: AccuDoc Solutions, Inc.
Location: , North Carolina
Type of breach:
HACK
Type of organization:
MED
Records Breached:
2,652,540

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Cancer Treatment Centers of America (CTCA) at Western Regional Medical Center
Location: , Arizona
Type of breach:
HACK
Type of organization:
MED
Records Breached:
41,948

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Baylor Scott & White Medical Center - Frisco
Location: , Texas
Type of breach:
HACK
Type of organization:
MED
Records Breached:
47,984

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 26, 2018
Company: Mercy Medical Center- North Iowa
Location: , Iowa
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1,971

Location of breached information: Electronic Medical Record

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 21, 2018
Company: Tandigm Health
Location: , Pennsylvania
Type of breach:
HACK
Type of organization:
MED
Records Breached:
7,376

Location of breached information: Network Server

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 20, 2018
Company: East End Disability Associates, Inc.
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
896

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: Inova Health System
Location: , Virginia
Type of breach:
HACK
Type of organization:
MED
Records Breached:
857

Location of breached information: Electronic Medical Record

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: James R. Etzkorn, MD
Location: , Missouri
Type of breach:
DISC
Type of organization:
MED
Records Breached:
6,845

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
November 19, 2018
Company: Episcopal Health Services
Location: , New York
Type of breach:
HACK
Type of organization:
MED
Records Breached:
218,055

Location of breached information: Email

Business associate present: No

Information Source:
US Department of Health and Human Services
CSV