News
Qilin Ransomware Group Claims Attack on Hillebrand Home Health · Data BreachLake Region Healthcare Discloses May 2025 Network Intrusion Exposing Patient SSNs, Medical Records, and Financial Data · Data BreachFamily Health Centers of Southern Indiana Discloses January 2026 Network Intrusion Exposing Patient PHI Including Social Security Numbers · Data BreachInterlock Ransomware Group Claims 540 GB from Texas Hearing Institute, Nearly 30,000 Pediatric Patients Notified · Data BreachWisconsin Department of Health Services Reports HIPAA Breach Affecting 8,157 Medicaid Recipients After Benefits Letters Mailed to Wrong Addresses · Data BreachAmazon's One Medical Seniors Hit by ShinyHunters Extortion Group: 8.8TB of Legacy Patient Data at Risk · Data BreachOpenLoop Health Telehealth Infrastructure Vendor Breach Exposes Patient Data Across Multiple Digital Health Clients · Data BreachHealthcare AI Vendor Xsolis Breach Exposes 1.4 Million Records Across Seven Hospital Systems Including Mayo Clinic · Data BreachQilin Ransomware Group Claims Attack on Hillebrand Home Health · Data BreachLake Region Healthcare Discloses May 2025 Network Intrusion Exposing Patient SSNs, Medical Records, and Financial Data · Data BreachFamily Health Centers of Southern Indiana Discloses January 2026 Network Intrusion Exposing Patient PHI Including Social Security Numbers · Data BreachInterlock Ransomware Group Claims 540 GB from Texas Hearing Institute, Nearly 30,000 Pediatric Patients Notified · Data BreachWisconsin Department of Health Services Reports HIPAA Breach Affecting 8,157 Medicaid Recipients After Benefits Letters Mailed to Wrong Addresses · Data BreachAmazon's One Medical Seniors Hit by ShinyHunters Extortion Group: 8.8TB of Legacy Patient Data at Risk · Data BreachOpenLoop Health Telehealth Infrastructure Vendor Breach Exposes Patient Data Across Multiple Digital Health Clients · Data BreachHealthcare AI Vendor Xsolis Breach Exposes 1.4 Million Records Across Seven Hospital Systems Including Mayo Clinic · Data Breach
settlement

HHS Office for Civil Rights Settles 8th Ransomware Investigation with Elgon Information Systems: Corrective action / RA

Resolution Jan 2025

Penalty

Corrective action / RA

Action type

Settlement

Entity profile

Case number

What went wrong

HHS Office for Civil Rights Settles 8th Ransomware Investigation with Elgon Information Systems

Timeline

  • ResolutionJan 2025
  • Incident and investigation milestones are not consistently published by OCR in machine-readable form.

Key takeaways for your organization

  • Align policies, procedures, and evidence with the specific CFR provisions cited in OCR resolutions affecting your entity type.
  • Run tabletop exercises for breach response, OCR inquiry handling, and privilege-preserving communications with counsel.
  • Revisit business associate inventory and downstream vendor security assurances after major enforcement themes in your sector.

Related actions

Source

U.S. Department of Health and Human Services release

Source: U.S. Department of Health and Human Services, Office for Civil Rights. medcomply.ai aggregates public materials for educational use, not legal advice.