The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients to its breach portal. There were 45 incidents reported in February 2021 affecting 1,234,943 patients. 35 of these incidents targeted healthcare providers, representing 82.29% of affected patients. 5 of these incidents targeted health plans, representing 13.64% of affected patients. 5 of these incidents targeted business associates, representing 4.08% of affected patients. More details on 2021 February healthcare breaches are discussed.

2021 February Healthcare Breaches: Hacking/IT Incidents Affected 1,058,371 Patients

There were 32 hacking/IT incidents affecting 1,058,371 patients. Of these incidents 85.69% targeted healthcare providers, 9.69% targeted health plans, and 4.62% targeted business associates.

Healthcare Providers

  • The Kroger Co.: 368,100 patients affected
  • BW Homecare Holdings, LLC, in its capacity as the parent corporation of the Elara Caring single affiliated covered entity : 100,487 patients affected
  • RF EYE PC dba Cochise Eye and Laser: 100,000 patients affected
  • Gore Medical Management, LLC: 79,100 patients affected
  • Nevada Orthopedic & Spine Center: 50,000 patients affected
  • Covenant HealthCare: 47,178 patients affected
2021 February Healthcare Breaches
  • UPMC: 36,086 patients affected
  • Grand River Medical Group: 34,000 patients affected
  • Granite Wellness Centers: 15,600 patients affected
  • Cornerstone Care, Inc.: 11,487 patients affected
  • Bowling Green Inn of Pensacola, LLC DBA Twelve Oaks Recovery: 9,023 patients affected
  • The SurgiCare Center of Utah: 8,675 patients affected
  • Pennsylvania Adult & Teen Challenge: 7,771 patients affected
  • Nevada Health Centers, Inc.: 6,709 patients affected
  • The House Next Door, Inc.: 6,000 patients affected
  • Santa Rosa Community Health Centers: 5,983 patients affected
  • Project Vida Health Center: 4,500 patients affected
  • Southeastern Minnesota Center for Independent Living, Inc. (“SEMCIL”): 4,122 patients affected
  • Lake Charles Memorial Health System: 3,802 patients affected
  • Hackley Community Care Center: 2,644 patients affected
  • Rainbow Rehabilitation Centers, Inc: 1,749 patients affected
  • Jacobson Memorial Hospital Care Center: 1,545 patients affected
  • Hope Healthcare Service: 1,152 patients affected
  • Piedmont Health Services: 677 patients affected
  • Andor Lab: 500 patients affected

Health Plans

  • Fisher Titus Health, Inc.: 49,636 patients affected
  • AllyAlign Health, Inc.: 33,932 patients affected
  • UPMC Health Plan: 19,000 patients affected

Business Associates

  • Harvard Eye Associates: 29,982 patients affected
  • Fairfax County Public Schools’ Health Plan: 11,056 patients affected
  • DataLogic Software, Inc.: 7,200 patients affected
  • InfuSystem Holdings, Inc.: 675 patients affected

Let’s Simplify Compliance

HIPAA compliance and cybersecurity go hand-in-hand. Avoid breaches by becoming HIPAA compliant today!

Learn More!
HIPAA Seal of Compliance