Brockton Neighborhood Health Center (BNHC) recently disclosed a data breach after detecting unusual activity on its computer network. The breach exposed patients’ protected health information (PHI), including medical diagnoses, treatment details, and personal data for individuals treated between 2017 and 2022.
What happened
Brockton Neighborhood Health Center (BNHC) disclosed that an unauthorized user accessed its computer network between November 1 and November 3, 2024. BNHC identified suspicious activity and determined that an unknown actor accessed or copied files containing sensitive patient information.
Compromised patient details include names, dates of birth, addresses, medical diagnoses, lab results, medications, medical record numbers, health insurance information, and other treatment-related details.
BNHC began notifying affected individuals, regulators, and federal law enforcement authorities on December 16, 2024.
What was said
The BNHC public statement says, “We take this event and the security of information in our care seriously. We moved quickly to secure our network, investigate the suspicious activity, and notify potentially affected individuals.”
Additionally, the organization states, “As part of our ongoing commitment to information security, we are reviewing our policies and procedures to reduce the likelihood of similar future events.”
Why it matters
Exposed medical information can lead to identity theft, insurance fraud, or misuse. Patients impacted by the BNHC data breach should monitor their credit reports, review insurance statements, and consider using identity protection services.
Related: HIPAA Compliant Email: The Definitive Guide
FAQs
What is a data breach?
A breach occurs when an unauthorized party gains access, uses or discloses protected health information (PHI) without permission. Breaches include hacking, losing a device containing PHI, or sharing information with unauthorized individuals.
See also: How to respond to a data breach
What should individuals do if their data has been compromised?
If individuals suspect their data has been compromised, they must monitor their accounts for suspicious activity and report any unauthorized transactions immediately.
Are there any costs associated with placing a fraud alert or credit freeze?
No, under US law, consumers are entitled to a free credit report annually from each of the three major credit reporting bureaus: Equifax, Experian, and TransUnion. So, placing a fraud alert or credit freeze does not incur any costs.
