About these pages
About our healthcare data breach pages.
If you've received a breach notification letter, the information you need is usually scattered across the HHS breach portal, the breached entity's own notice, state attorney general filings, and trade press. The pages on this site bring what's publicly known about each breach into one place so you don't have to do that research yourself.
Where the information comes from
We draw from public sources. Each page links the specific sources used at the bottom:
- HHS Office for Civil Rights Breach Portal (the federal regulatory record)
- The breached entity's own notification page
- State attorney general breach-notification portals
- Healthcare trade press (HIPAA Journal, Becker's, DataBreaches.net, Healthcare IT News, Modern Healthcare)
- Court filings, where class actions have been filed
- Public threat-intelligence sources, where attacker attribution is at issue
What you won't find here
- Legal advice. HealthConsent is not a law firm. If you need to evaluate a claim, consult a licensed attorney.
- Medical advice. HealthConsent is not a healthcare provider.
- Recommendations for specific credit-monitoring vendors. We report what the breached entity is offering and note when no monitoring is offered.
- Details that aren't in the public sources we've linked.
How pages get updated
Each page carries a visible Last updated date. When new information becomes public (a state AG filing posts, a class action is filed, the entity publishes additional detail, a final affected count replaces an interim figure), we update the page and bump that date. Open investigations are revisited as new information becomes available.
Corrections
If you find an error on a page, email [email protected] with the URL and the correction. We respond within one business day. The linked sources on each page are the canonical record; if a source has been retracted or revised, please tell us and we'll re-verify.