Thomas Allen, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Thomas Allen, Inc., a Minnesota-based organization, experienced a data breach as part of a larger trend of cyberattacks targeting healthcare institutions. This breach, specifically an email breach, was reported on March 23, 2022, and affected 2,803 individuals[4]. The breach at Thomas Allen, Inc. is part of a concerning pattern of cyberattacks on healthcare providers, which are particularly vulnerable due to the sensitive nature of the information they hold, including patients’ personal and health information.

In response to breaches and to protect personal health information (PHI), Thomas Allen, Inc. has outlined rights and procedures in their HIPAA document. This includes the right of individuals to be notified of a breach of their unsecured PHI within 60 calendar days of its discovery. The notice aims to provide a summary of the breach, including what happened, the date of occurrence and discovery, the specific PHI involved, steps individuals can take to protect themselves from potential harm, and contact information for further inquiries[2].

The document also emphasizes Thomas Allen, Inc.’s commitment to using secure encryption systems to protect electronic transmissions of data through their servers, highlighting their efforts to safeguard sensitive information against unauthorized access[2].

This incident underscores the ongoing challenges healthcare providers face in securing PHI against cyber threats. It also highlights the importance of robust cybersecurity measures and the need for timely notification and transparency with affected individuals following a breach.

Citations:

  1. https://learn.thomasalleninc.com/terms-of-service/
  2. https://www.thomasalleninc.com/pdf/HIPAA.pdf
  3. https://www.dhs.state.mn.us/main/groups/licensinglookup/documents/licensinglookup/llo_459255.docx
  4. https://stacker.com/minnesota/biggest-health-care-data-breaches-you-should-know-about-minnesota
  5. https://licensinglookup.dhs.state.mn.us/Details.aspx?l=1067769
  6. https://www.thomasalleninc.com/pdf/Direct%20Care%20New%20Hire%20Forms%202023.pdf
  7. https://www.thomasalleninc.com
  8. http://www.co.wadena.mn.us/AgendaCenter/ViewFile/Item/980?fileID=1789
Breach Submission Date Mar 23, 2022
Converted Entity Name Thomas Allen, Inc.
Converted Entity Type Healthcare Provider
State MN
Individuals Affected 2,803
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes