A hacker extracted the protected health information (PHI) of 535,489 patients from Texas ENT Specialists in August 2021. Although the Texas ENT breach occurred in August, it was not listed on the Office for Civil Rights portal until December 2021.

Texas ENT Breach

Details of Texas ENT Breach

Officials at Texas ENT Specialists first learned of the incident on October 19, 2021. The investigation revealed that the threat actor had accessed and copied files containing patient PHI from August 9-15, 2021.

The stolen data contained patient names, dates of birth, medical record numbers, and procedure codes used for billing purposes. The officials also uncovered the theft of a subset of Social Security numbers by the hacker.

Let’s Simplify Compliance

Learn how to protect your business from breaches in our upcoming webinar!

Sign Up!
HIPAA Seal of Compliance

Aftermath of Texas ENT Breach

In the wake of the hack, Texas ENT Specialists leadership reported the addition of safeguards and technical measures to strengthen their existing privacy and security program. In a statement regarding the breach, Texas ENT said, “We take patient privacy very seriously and we regret any inconvenience this incident may cause our patients and their families. To help prevent something like this from happening again, we are further strengthening our existing privacy and information security program by implementing additional safeguards and technical security measures to protect and monitor our systems.”

Under the HIPAA Breach Notification Rule, a breach of this magnitude requires all affected patients to be notified within 60 days of the discovery of the breach. According to Texas ENT, breach notification letters were mailed to affected individuals on December 10, 2021. 

Although all breaches of unsecured PHI are reportable under HIPAA, not all breaches are the result of violations, but those that are can result in substantial fines for the organizations at fault. It is yet to be determined whether the breach was the result of a HIPAA violation

The risk of breaches grows with every passing day. Becoming and remaining HIPAA compliant is the cornerstone of shielding or limiting the negative consequences of a breach on your enterprise. 

Our team of HIPAA experts is available to help you evaluate your current state of HIPAA compliance and give you peace of mind about where you stand. 

Third Party Verification and Validation

Need Help with HIPAA?

Let our complete HIPAA solution handle it.