Getty Images/iStockphoto

Adaptive Health Integrations Data Breach Impacts 510K

North Dakota-based Adaptive Health Integrations faced a hacking incident in October that impacted over 510,000 individuals.

Adaptive Health Integrations faced a hacking incident that impacted 510,574 individuals, according to the Office for Civil Rights (OCR) data breach portal. The incident was the third-largest reported healthcare data breach in 2022 so far.

According to a sample breach notification letter posted on the Montana Attorney General’s Office website, an unauthorized individual “may have accessed a limited amount of data” on October 17, 2021.

Covered entities are required to notify OCR of a healthcare data breach impacting more than 500 individuals within 60 days of discovery under the HIPAA Breach Notification Rule. OCR listed the breach submission date as April 11, but Adaptive Health Integrations’ notice said that it concluded its investigation on February 23.

“Upon learning of this issue, we contained the threat by disabling unauthorized access to our network and immediately commenced a prompt and thorough investigation,” the notice stated.

Adaptive Health Integrations said that the incident, which occurred on a network server, contained some personal information. However, the specific information involved in the breach was redacted from the notice.

The letter also provided data breach victims with identity monitoring services via Kroll.

The North Dakota-based company provides LIS software services and billing and revenue services for laboratories, according to its website.

“Adaptive Health provides can tailor our applications to meet your specific needs and instrument communications,” the organization’s website states.

“Our billing services are integrated with one of the largest and most cost effective clearing houses in the country. This allows for greater efficiencies in processing claims submission and electronic claim remittance.”

The company’s website appears to have WordPress’ default phone number, address, and email rather than complete contact information.

“Please accept our apologies that this incident occurred. We remain fully committed to maintaining the privacy of personal information in our possession and have taken many precautions to safeguard it,” the notice to impacted individuals stated.

“We continually evaluate and modify our practices to enhance the security and privacy of your personal information.”

Next Steps

Dig Deeper on Healthcare data breaches