dental practice

Delta Dental Hack Affects 7 Million

Delta Dental of California is the latest victim of the global MOVEit file transfer data breach. The company is notifying nearly 7 million dental patients that their data was compromised. This newest breach adds to the devastating impact on healthcare caused by flaws in Progress Software’s MOVEit program.

In its website data breach notice, Delta Dental of California said that hackers accessed certain protected health information (PHI), including information shared in connection with dental procedures and claims payments. The company filed a breach notice with the Maine Attorney General on December 14, 2023. There is no breach notice on the HHS’ Office for Civil Rights portal to date, but it’s likely to appear soon.

Delta Dental of California is one of the nationwide Delta Dental health plans that cover 85 million people. This data breach notice applies only to patients insured by Delta Dental of California.

The information compromised included names, addresses, Social Security numbers, driver’s license or other state identification numbers, passport numbers, financial account information, tax identification numbers, individual health insurance policy numbers, and health information.

According to its notice, the company first learned of the breach on June 1, 2023. On July 6, after an internal investigation, Delta Dental confirmed that it was exposed to the MOVEit breach between May 27 and May 30. It then hired an independent IT forensics team to evaluate what information was affected and how extensive the breach was. The company also notified law enforcement.

Healthcare Hit Hard by the MOVEit Data Breach

The Delta Dental of California breach is the third largest MOVEit data breach, behind government contractor Maximus (11 million) and patient communications company Welltok (8.5 million). Welltok and Delta Dental patients account for 17% of the global MOVEit data breach victims so far. (15.5 million out of 90 million total).

Note that the Maximus breach also affected healthcare because one of its customers is the Centers for Medicaid and Medicare Services (CMS). At least 330,000 Medicare recipients were affected by the MOVEit breach at Maximus.

HIPAA Risk Management Can Prevent Breaches

The single most effective defense against cybercrime is HIPAA Risk Analysis and Risk Management. HIPAA requires it, and it’s easy to do with The HIPAA E-Tool®.

For example, the Security Rule Checklist in The HIPAA E-Tool® prompts organizations to patch and update software, refresh workforce training, and review encryption procedures and access controls.

If you want to strengthen compliance and reduce the risks of a breach, The HIPAA E-Tool® can help.

Share This Post

Maggie Hales

Maggie Hales is a lawyer focusing on health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada, Egypt, India and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2023 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC

Terms of Use | Privacy Policy | Cookies Policy | Privacy Settings | HTML/XML Sitemap

Mailing Address
The HIPAA E-Tool
PO Box 179104
St. Louis, MO 63117-9104

Office
8820 Ladue Road Suite 200
St. Louis, MO 63124

Powered by JEMSU