Healix Infusion Therapy, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Healix Infusion Therapy, LLC, a healthcare services provider based in Sugar Land, Texas, experienced a significant data breach that was officially reported on December 11, 2023. The breach involved unauthorized access to sensitive personal and health information of an undetermined number of individuals. This incident was first detected due to suspicious activity within Healix’s computer network around September 12, 2023, prompting an immediate security response and investigation with the assistance of third-party IT forensic specialists[1][5].

Overview of Healix Infusion Therapy, LLC

Healix Infusion Therapy specializes in providing outpatient infusion services to healthcare providers, including drug procurement, revenue cycle management, and clinical staffing. Founded in 1989, the company plays a crucial role in managing infusion programs for healthcare facilities and physician practices across the United States. With over 500 employees, Healix generates approximately $74 million in annual revenue[1][5].

Details of the Data Breach

The breach allowed an unauthorized party to access a wide range of personal and health-related information, including names, Social Security numbers, addresses, dates of birth, driver’s license numbers, financial account information, medical information, and health insurance details[1]. Healix initiated a comprehensive review of the compromised files to ascertain the extent of the breach and the specific individuals affected. Subsequently, data breach notification letters were sent to the impacted individuals, advising them of the breach and the types of information that were potentially compromised[1][3].

Healix’s Response

Upon discovering the breach, Healix took immediate steps to secure its network and mitigate any potential damage. The company notified state and federal law enforcement agencies and engaged with data privacy counsel and forensic specialists to conduct a thorough investigation. In addition to implementing enhanced cybersecurity measures, Healix has offered affected individuals access to credit monitoring and identity theft protection services through Equifax at no cost[1][7].

Legal and Regulatory Implications

The breach has prompted investigations and legal scrutiny, with Healix reporting the incident to the Attorney General of Texas and the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR). The company’s handling of the breach, including its notification and remediation efforts, will be closely examined to ensure compliance with applicable data protection laws and regulations[1][3][5].

Conclusion

The data breach at Healix Infusion Therapy, LLC underscores the critical importance of robust cybersecurity measures and vigilant monitoring of sensitive information within the healthcare industry. As Healix continues to address the fallout from this incident, the breach serves as a stark reminder of the ongoing challenges faced by healthcare providers in safeguarding patient data against unauthorized access and cyber threats[1][5].

Citations:

  1. https://www.jdsupra.com/legalnews/update-healix-infusion-therapy-files-8424712/
  2. https://healthcare.utah.edu/huntsmancancerinstitute/
  3. https://www.jdsupra.com/legalnews/healix-infusion-therapy-files-notice-of-1110752/
  4. https://www.nih.gov
  5. https://www.turkestrauss.com/2023/12/13/healix-infusion-therapy-data-breach-investigation/
  6. https://www.merck.com
  7. https://www.mass.gov/doc/assigned-data-breach-number-31126-healix-infusion-therapy-llc-12-11-23/download
  8. https://www.pharmacytimes.org
  9. https://casetext.com/case/healix-infusion-therapy-inc-v-helix-health-3
  10. https://www.gsk.com/en-gb/
  11. https://trellis.law/case/48157/21-dcv-286184/healix-infusion-therapy-llc-v-west-tennessee-neurology-p-c-salman-saeed-md
  12. https://westcancercenter.org
  13. https://law.justia.com/cases/federal/appellate-courts/ca7/12-3768/12-3768-2013-08-16.html
  14. https://www.medstarhealth.org/doctors
  15. https://caselaw.findlaw.com/us-7th-circuit/1642142.html
  16. https://bellin.org
Breach Submission Date Dec 11, 2023
Converted Entity Name Healix Infusion Therapy, LLC
Converted Entity Type Business Associate
State TX
Individuals Affected 6,026
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes