HCA Healthcare Posts Notice of Data Breach Affecting an Estimated 11 Million Patients

Console and Associates, P.C.

On July 10, 2023, HCA Healthcare, Inc. posted a notice of Data Security Incident on its website, explaining that patient information was subject to unauthorized access after an unauthorized party posted it on an online forum. In this notice, HCA explains that the incident involved patients’ sensitive information, which includes their names, addresses, telephone numbers, dates of birth, genders, patient service dates, locations and next appointment dates. Upon completing its investigation, HCA began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident. The HCA data breach affected an estimated 11 million patients across the country.

If you received a data breach notification from HCA Healthcare, Inc., you are not alone; however, it is essential you understand what is at risk and what you can do about it. The HCS data breach affected an estimated 11 million patients across the country. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the HCA Healthcare data breach. For more information, please see our recent piece on the topic here.

What Caused the HCA Healthcare Breach?

The HCA Healthcare data breach was only recently announced, and more information is expected in the near future. However, HCA’s notice entitled “HCA Healthcare Reports Data Security Incident,” posted on July 10, 2023, provides some information about what led to the breach. According to this source, HCA Healthcare recently learned that certain patient information was available through an online form.

In response, HCA Healthcare reported the incident to law enforcement and then launched an investigation. The HCA investigation confirmed that the incident involved the theft of information “from an external storage location exclusively used to automate the formatting of email messages.” Essentially, the information was used to create reminder emails to patients that they may want to schedule an appointment.

After learning that sensitive patient data was accessible to an unauthorized party, HCA Healthcare reviewed the compromised files to determine what information was leaked and which patients were impacted. While the breached information varies depending on the individual, it may include your name, address, telephone number, date of birth, gender, patient service date, location and next appointment date.

In its July 10, 2023, notice, HCA Healthcare explains that it intends to send out data breach letters to anyone who was affected by the recent data security incident.

More Information About HCA Healthcare, Inc.

Founded in 1968, HCA Healthcare, Inc. is a healthcare system based in Nashville, Tennessee. HCA operates 180 hospitals and approximately 2,300 other healthcare facilities, including surgery centers, freestanding emergency rooms, urgent care centers, and doctors’ offices. HCA’s geographical scope extends to 20 states and the United Kingdom, and the company handles more than 37 million patient encounters each year. HCA Healthcare employs more than 294,000 people and generates approximately $60 billion in annual revenue.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide