On July 14, 2023, The Pavilion at Health Park, LLC dba Park Royal Hospital filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that confidential patient information was accessed through a compromised employee email account. In this notice, Park Royal Hospital explains that the incident resulted in an unauthorized party being able to access patients’ sensitive information, which includes their names, provider names, dates of treatment, diagnosis and treatment information. Upon completing its investigation, Park Royal Hospital began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Park Royal Hospital, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Park Royal Hospital data breach. For more information, please see our recent piece on the topic here.

What Caused the Park Royal Hospital Breach?

The Park Royal Hospital data breach was only recently announced, and more information is expected in the near future. However, Park Royal Hospital’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. Additionally, Park Royal Hospital posted a notice of the breach on its website, providing additional information.

According to these sources, on May 15, 2023, Park Royal Hospital learned that an unauthorized party may have accessed an employee’s email account. While the hospital doesn’t explain how it came into this information, in response, Park Royal Hospital secured the email account and then launched an investigation with the help of third-party data security specialists.

Through its investigation, Park Royal Hospital confirmed that an unauthorized party had gained access to the employee email account on May 8, 2023, and was able to continue accessing the account through May 15, 2023. Additionally, Park Royal Hospital learned that the unauthorized party accessed files containing information belonging to Park Royal Hospital patients.

After learning that sensitive patient data was accessible to an unauthorized party, Park Royal Hospital reviewed the compromised files to determine what information was leaked and which patients were impacted. While the breached information varies depending on the individual, it may include your name, provider names, dates of treatment, diagnosis and treatment information.

On July 14, 2023, Park Royal Hospital sent out data breach letters to anyone who was affected by the recent data security incident.

More Information About Park Royal Hospital

Park Royal Hospital is a behavioral health services provider located in Fort Myers, Florida. Park Royal Hospital provides a range of services, including inpatient and intensive outpatient addiction treatment. The facility also treats individuals with adjustment disorder, anxiety disorder, bipolar disorder, depression, schizoaffective disorder, schizophrenia, suicidal ideation, trauma & PTSD. Park Royal Hospital employs more than 122 people and generates approximately $23 million in annual revenue.