On March 14, 2024, Cornerstone Healthcare Group Management Services LLC (“Cornerstone Specialty Hospitals”) filed a complaint with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized person had access to the following information: I have filed a data breach notification. provided to the company. In the notice, Cornerstone explains that as a result of this incident, unauthorized parties were able to access sensitive consumer information. Once Cornerstone completed its investigation, it began sending data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you receive a data breach notification from Cornerstone Healthcare Group Management Services LLC, it is important to understand what is at risk and what you can do about it. A data breach attorney can learn more about how to protect yourself from being a victim of fraud and identity theft, and discuss your legal options after a Cornerstone Specialty Hospital data breach. For more information, see our recent article on this topic. here.
What caused the data breach at Cornerstone Specialty Hospital?
The Cornerstone Specialty Hospital data breach was only recently announced, and more information is expected to be released in the near future. But documents filed by Cornerstone with the U.S. Department of Health and Human Services Office for Civil Rights provide very limited information about what led to the violations. And Cornerstone does not appear to have posted any notice on its website or issued a press release detailing the incident.
Based on the HHS-OCR filing, on March 14, 2024, Cornerstone filed a data breach notification related to a “hacking/IT incident” of a network server. Although Cornerstone was the company that notified HHS-OCR, the breach may have occurred at one of Cornerstone's vendors. Therefore, we cannot definitively say that Cornerstone's systems have been hacked. However, the fact remains that the information provided to Cornerstone was subject to unauthorized access.
Regardless of how the breach occurred, Cornerstone Specialty Hospital learned that sensitive consumer data was accessible to unauthorized parties and investigated the compromised files to determine what information. was breached and identified which consumers were affected.
Cornerstone Specialty Hospital notified HHS-OCR on March 14, 2024. This is typically when companies send notifications about data breaches to those affected. These letters should provide victims with a list of what information in their possession was compromised.
More information about Cornerstone Healthcare Group Management Services LLC
Cornerstone Healthcare Group Management Services LLC is a healthcare services provider based in Dallas, Texas. Cornerstone provides long-term acute care and rehabilitation services for medically complex patients who require additional treatment and supervision after discharge from the hospital. Cornerstone Specialty Hospitals provides long-term acute care at 15 locations in Arizona, Arkansas, Louisiana, Oklahoma, Texas and West Virginia. Cornerstone is part of ScionHealth, a national health system based in Louisville, Kentucky. Cornerstone Specialty Hospitals has more than 3,000 employees and generates annual revenues of approximately $395 million.