Legacy Operating Company d/b/a Legacy Hospice

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Legacy Operating Company, doing business as Legacy Hospice, is a provider of hospice care services focused on enhancing the quality of life for patients and their families through compassionate care. Based in Salem, Arkansas, Legacy Hospice operates more than 18 facilities across several states, including Alabama, Arkansas, Louisiana, Mississippi, Missouri, Oklahoma, and Tennessee. The organization is committed to delivering the highest quality end-of-life care by employing an interdisciplinary team approach to patient and family care. Their mission is underscored by values of integrity, competence, compassion, and respect for all lives[3].

Legacy Hospice distinguishes itself by aiming for rapid response times, with goals for referral to contact time being less than an hour and striving to admit and begin providing care within hours. The hospice’s Clinical Excellence Standards ensure quality care and satisfaction for patients and caregivers. In the first week of care, a Hospice RN visits daily to provide coordination of care, education, and support, crafting an individualized plan of care tailored to each patient and family. Importantly, Legacy Hospice admits patients regardless of their ability to pay and offers comfort measures that many hospices do not, such as TPN, Palliative Radiation, Blood Transfusions, BiPAP, and CPAP noninvasive ventilation[3].

However, Legacy Hospice recently experienced a significant data breach. On December 22, 2022, the company sent out data breach letters to individuals whose information was compromised due to unauthorized access to employee email accounts. This incident affected 21,202 individuals nationwide and involved the unauthorized access to sensitive information, including names, Social Security numbers, taxpayer identification numbers, dates of birth, dates of death, driver’s license numbers, government identification numbers, financial account information, credit or debit card information, passport numbers, and protected health information. The breach was part of a larger trend of increased interest from hackers in obtaining protected health information for fraudulent purposes[4].

Legacy Hospice is headquartered in Daphne, Alabama, and serves a wide area, including multiple states beyond Alabama. The organization is dedicated to being an industry leader in end-of-life care, aiming to be the hospice of choice for patients and families, as well as the employer of choice for care teams and partners[3][5].

Citations:

  1. https://legacyhospice.net
  2. https://legacyhospice.net/locations/
  3. https://legacyhospice.net/about-us/
  4. https://www.jdsupra.com/legalnews/legacy-operating-company-llc-d-b-a-9448091/
  5. https://www.nhpco.org/providers/legacy-hospice-inc/
  6. https://www.linkedin.com/company/legacy-hospice-holdings-inc
  7. https://www.hipaajournal.com/december-2022-healthcare-data-breach-report/
  8. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
Breach Submission Date Dec 22, 2022
Converted Entity Name Legacy Operating Company d/b/a Legacy Hospice
Converted Entity Type Healthcare Provider
State AL
Individuals Affected 21,202
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes