According to sources, Green Ridge Behavioral Health (a Medical organization in Maryland) was hit with a cyber attack. It was first reported on 2024-02-22.

Ransomware Attack on Maryland Psychotherapy Provider Results in HIPAA Penalty

“In February 2019,Green Ridge Behavioral Health (GRBH) filed a report with OCR about a breach of the protected health information of 14,000 patients. A malicious actor had accessed its systems and used ransomware to encrypt files. The investigation confirmed that the threat actor stole files containing sensitive patient information.“

“The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has settled alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) with a Maryland behavioral healthcare provider for $40,000“

“In December 2019, OCR initiated an investigation to establish whether GRBH had complied with the HIPAA Rules. GRBH was unable to provide OCR with evidence to prove that an accurate risk analysis had been conducted to identify risks and vulnerabilities to electronic protected health information (ePHI), as required by 45 C.F.R. § 164.308(a)(l)(ii)(A), and sufficient security measures had not been implemented to reduce risks and vulnerabilities to ePHI to a reasonable and appropriate level, as required by 45 C.F.R. § 164.308(a)(I)(ii)(B). “

Cyber-Protecting Our Nation’s Critical Infrastructure

At SecuLore, our mission is to cyber-protect our nation’s critical infrastructure. Led by experts in 9-1-1 technology, cyberwarfare, and ethical hacking, our team provides the technology, expertise, and training needed to defend customers from increasingly sophisticated cyber threats.