HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

15,000 Patients Affected by Philadelphia FIGHT Community Health Centers Cyberattack

Philadelphia FIGHT Community Health Centers has recently announced it was the victim of a cyberattack on November 30, 2021. Third-party forensic investigators were engaged to determine the nature and scope of the breach. The investigation confirmed its electronic medical record system and other clinical systems were not compromised in the attack; however, on January 13, 2022, Philadelphia FIGHT discovered the attacker had accessed non-clinical systems that housed files containing the protected health information of around 15,000 patients.

It was not possible to determine if the attacker viewed or obtained any patient information, although no reports have been received that suggest any patient information has been misused. The information potentially compromised in the attack included names, dates of birth, Social Security numbers, medical diagnoses, treatment information, and health insurance information.

Philadelphia FIGHT said a review of security protocols is being conducted and security measures will be enhanced to prevent further cyberattacks.

Vendor Email Account Breach Affects Over 6,000 Memorial Hermann Health System Patients

Memorial Hermann Health System has reported a breach at one of its vendors that exposed the protected health information of 6,260 patients. Memorial Hermann Health System had contracted with Advent Health Partners, a Nashville, TN-based provider of claims management services. In September 2021, Advent Health Partners discovered suspicious activity in certain employee email accounts and on December 2, 2021, confirmed the compromised email accounts contained the protected health information of its healthcare clients. They started to be notified on January 6, 2022.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

Memorial Hermann Health System said the compromised information included first names, last names, dates of birth, social security numbers, driver’s licenses numbers, financial information, health insurance information, and treatment information. While patient information may have been accessed, no evidence has been found to suggest any actual or attempted misuse of patient data. Memorial Hermann Health System said Advent Health Partners is providing affected individuals with free access to a credit monitoring service.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.