Psychiatry Associates of Kansas City

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The Psychiatry Associates of Kansas City (PAKC), located in Leawood, Kansas, experienced a significant data breach reported on December 1, 2023. This cyber security attack targeted the mental health practice, potentially affecting as many as 18,255 individuals. The breach involved a “Hacking/IT Incident” of a network server, leading to unauthorized access to sensitive information. The compromised data included patient names, appointment dates/times, visit types, medical record numbers, diagnostic codes, and treatment codes, although it did not contain Social Security numbers, credit card numbers, or other financial information[1][4].

PAKC, one of the area’s largest psychiatry practices, offers a range of psychiatric care services, including inpatient and outpatient care for various conditions such as ADD/ADHD, depressive disorder, bipolar disorder, schizophrenia, and anxiety disorders, among others[2]. Following the discovery of the breach on September 19, 2023, PAKC took immediate action by shutting down the affected systems, engaging forensic experts for investigation, and beginning the restoration of the affected systems. The incident was reported to the FBI, and PAKC has since implemented security enhancements to prevent future incidents. They have also offered complimentary identity monitoring services to the affected patients and established a toll-free call center for inquiries related to the incident[4].

This breach is part of a larger trend of cyber security incidents affecting healthcare providers, as indicated by the U.S. Department of Health and Human Services Office for Civil Rights and other reports highlighting numerous healthcare data breaches[3][8][11][13]. Patients affected by such breaches are advised to monitor their personal information closely and consider taking additional security measures to protect their identity and financial information.

Citations:

  1. https://www.myinjuryattorney.com/data-breach-investigation-psychiatry-associates-of-kansas-city/
  2. https://pakconline.com
  3. https://www.idstrong.com/sentinel/community-psychiatry-management-data-breach/
  4. https://pakconline.com/notice-of-security-incident/
  5. https://www.idstrong.com/sentinel/half-a-million-patients-exposed-in-north-kansas-hospital-vendor-breach/
  6. https://hcahealthcare.com/about/privacy-update.dot
  7. https://pakconline.com/notice-of-privacy-practices/
  8. https://breachdata.topwords.me/states/KS
  9. https://www.idstrong.com/sentinel/national-behavioral-health-clinic-suffers-ransomware/
  10. https://www.reddit.com/r/kansascity/comments/115xkb7/psychiatry_associates_of_kansas_city_is_a/?rdt=57043
  11. https://www.hipaajournal.com/november-2023-healthcare-data-breach-report/
  12. https://fox4kc.com/health/north-kansas-city-hospital-warns-patients-of-possible-data-breach/
  13. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  14. https://breachdata.topwords.me/states/KS?limit=20&offset=20&sort=data_source
Breach Submission Date Nov 17, 2023
Converted Entity Name Psychiatry Associates of Kansas City
Converted Entity Type Healthcare Provider
State KS
Individuals Affected 18,255
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes