25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Cyberattack on Help at Home Affects 26,700 Current & Former Patients

Posted By on Aug 26, 2024

Data breaches have been reported by Help at Home, Kinsler Family Dentistry, ParkTree Community Health Center, and Providence Pediatrics Manito.

Help at Home

HAH Group Holding Company, a home healthcare provider that does business as Help at Home, has discovered the protected health information of 26,744 individuals has been exposed at one of its vendors. The vendor notified Help at Home about the intrusion on March 21, 2021; however, at the time, it was unclear to what extent personal information was involved.

The unnamed former vendor conducted a review of the affected data and confirmed on June 19, 2024, that the information exposed and potentially stolen in the incident included names, dates of birth, Social Security numbers, financial account numbers, usernames and passwords, and/or certain medical, health insurance, and/or treatment information. HAH Group Holding Company mailed individual notifications on August 16, 2024, and has offered complimentary credit monitoring services.

Kinsler Family Dentistry

Kinsler Family Dentistry, the Frankfort, IN, dental practice of Julie D. Kinsler DDS, has notified 5,500 current and former patients that some of their protected health information was stored on systems that were accessed by an unauthorized third party.  The incident occurred on or around June 6, 2024, and disrupted access to certain systems. Assisted by third-party cybersecurity experts, Kinsler Family Dentistry determined that files on the compromised systems were accessed and acquired by the attacker, some of which contained patient data.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

The file review was completed on July 19, 2024, and it was confirmed that names, Social Security numbers, dates of birth, insurance numbers, and dental treatment and/or medical history information had been compromised. The cyberattack was reported to the Federal Bureau of Investigation, individual notifications were mailed on August 9, 2024, and complimentary credit monitoring and identity theft protection services have been made available. Additional measures have been implemented to enhance network security to prevent similar incidents in the future.

ParkTree Community Health Center

Pomona Community Health Center, which does business as ParkTree Community Health Center in Ponoma, CA, has warned patients that some of their sensitive information may have been exposed to an unauthorized third party, who accessed its network on February 7, 2024. The notification to the California Attorney General indicates that information potentially compromised includes first and last names, dates of birth, health plan identification numbers, medical record numbers, contact information, gender, and clinical information such as diagnoses, medications, and doctor’s notes. Social Security numbers and driver’s license numbers were not compromised, so the affected patients are not at risk of identity theft; however, they have been advised to be vigilant against the misuse of their information and should monitor their account statements, explanation of benefits statements, and credit reports.

ParkTree Community Health Center said it takes many steps to keep personal information secure; however, on this occasion, those measures were circumvented. Security policies and procedures are being reviewed and will be updated to prevent similar incidents in the future.

Update: The breach has been reported to the HHS’ Office for Civil Rights as affecting 40,964 individuals.

Providence Pediatrics Manito

Providence Pediatrics Manito in Spokane, WA, has discovered a mailing error that occurred on June 24, 2024, that resulted in letters being mailed to 1,166 patients that included their mailing address but the name of a different patient. The letters were sent to notify patients of Dr. Shane Carson that he was leaving the practice. The letters contained no other personal information other than an incorrect name, which had been included as a result of a technical error. Providence Pediatrics Manito said notification letters were mailed to the affected patients and their guardians to be transparent and out of an abundance of caution.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist