1,128 Patients Impacted by Compassion Care Hospice Breach

by | Jan 10, 2018

1,128 patients’ protected health information has potentially been viewed after an unauthorized individual gained access to the Compassionate Care Hospice Las Vegas (CCHLV) network and server.

The breach occurred on October 28, 2017, CCHLV was alerted that its network had been accessed by an unauthorized person. Upon identification of the breach, CCHLV contracted third-party forensics experts to conduct a thorough review to determine the manner of the breach and to identify all patients who were potentially impacted.

While the investigation showed that access to data was possible, no proof was uncovered to show that any sensitive information was viewed or stolen by the hacker. However, it was not possible to eliminate possible data access and theft with 100% certainty.

The sort of information saved on the parts of the network that could have been accessed included names, dates of birth, addresses, Medicare details, medical treatment data, health insurance credentials and archived electronic health records. Financial data was not stored on the section of the network compromised in the attack and remained safeguarded at all times.

Once access to the network and server had been switched off, CCHLV completed a comprehensive risk analysis to identify potential flaws in the confidentiality, integrity, and availability of PHI and has reviewed and revised network security policies. To ensure that any future cyberattacks are discovered and tackled rapidly, CCHLV has now adapted intrusion detection and monitoring systems.

CCHLV alerted all affected people by mail on December 14, 2017 and reported the hacking incident to the Department of Health and Human Services’ Office for Civil Rights. Upon finding the attack, law enforcement was alerted and CCHLV is continuing to help with the investigation.

All patients impacted by the data breach have been offered free credit monitoring and identity theft restoration services for one year through Kroll.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy