Coastal Hospice & Palliative Care

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Coastal Hospice & Palliative Care, based in Salisbury, Maryland, experienced a data breach that involved unauthorized access to patient data. The incident was first identified on July 24, 2023, when Coastal Hospice noticed a network disruption and immediately launched an investigation with the help of cybersecurity experts[1][3][4]. The investigation revealed that certain files may have been acquired without authorization, and a thorough review of these files concluded on November 20, 2023, identified that they contained personal and protected health information of certain individuals[1][3].

The types of information potentially affected by the breach include patients’ names, Social Security numbers, dates of birth, medical diagnosis information, individual health insurance policy numbers, physician or medical facility information, medical condition or treatment information, and patient account numbers[1][3][4]. Coastal Hospice began notifying potentially affected individuals on January 22, 2024, and provided them with information about the incident and steps they could take to protect their information[1][3].

In response to the breach, Coastal Hospice has enhanced its network security and reported the incident to the Federal Bureau of Investigation (FBI) to hold the perpetrators accountable[3][4]. They have also established a toll-free call center to answer questions about the incident, which is available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time at 888-541-0492[3][4].

The U.S. Department of Health and Human Services Office for Civil Rights Breach Portal also lists the incident, indicating that the breach affected 29,100 individuals[2]. Coastal Hospice has taken the privacy and security of all data and systems very seriously and has expressed regret for any inconvenience or concern caused by the incident[4].

Citations:

  1. https://thedailyrecord.com/2024/01/23/coastal-hospice-palliative-care-hit-with-data-breach-of-patient-information/
  2. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  3. https://www.prnewswire.com/news-releases/coastal-hospice-provides-notice-of-data-security-incident-302041185.html
  4. https://baysideoc.net/coastal-hospice-addressing-cyber-security-incident/
  5. https://consumer.sc.gov/identity-theft-unit/security-breach-notices
  6. https://www.coastalhospice.org
  7. https://cybernews.com/news/us-healthcare-provider-hack-exposes-patient-records/
  8. https://www.linkedin.com/posts/biotech-networks_coastal-hospice-provides-notice-of-data-security-activity-7155477350057439232-hDkX
  9. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf?ref=blog.gitguardian.com
  10. https://go.gale.com/ps/i.do?id=GALE%7CA780106035&it=r&p=HRCA&sid=sitemap&sw=w&v=2.1
  11. https://newstral.com/en/article/en/1248736017/coastal-hospice-palliative-care-hit-with-data-breach-of-patient-information
  12. https://www.hipaajournal.com/462000-hawaiians-navvis-company-breach/
  13. https://www.hipaajournal.com/columbus-regional-healthcare-data-breach/
  14. https://www.defensorum.com/data-breach-reports-by-columbus-regional-healthcare-system-senior-psychcare-and-aria-care-partners/
  15. http://ago.vermont.gov/categories/security-breach-notices
Breach Submission Date Jan 22, 2024
Converted Entity Name Coastal Hospice & Palliative Care
Converted Entity Type Healthcare Provider
State MD
Individuals Affected 29,100
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes