By HFT Staff

BayMark Health Services, Inc., as the parent company of various healthcare facilities, provides administrative services to BAART Programs, Healthcare Resource Centers, and MedMark Treatment Centers (the facilities). On January 8, 2025, BayMark began mailing notification letters to certain patients whose information related to some of the services they received from the facilities was involved in an incident. 

On October 11, 2024, they learned of an incident that disrupted the operations of some of their IT systems. They immediately took steps to secure our systems, launched an investigation with the assistance of third-party forensic experts, and notified law enforcement. Their investigation determined that an unauthorized party accessed some of the files on BayMark’s systems between September 24, 2024, and October 14, 2024. They then initiated a review and analysis of those files. 

On November 5, 2024, they determined that these files contained information that varied per patient but could have included patient names and one or more of the following: Social Security number, driver’s license number, date of birth, services received, dates of service, insurance information, treating provider, and treatment and/or diagnostic information. 

To help prevent something like this from happening again, BayMark has implemented additional safeguards and technical security measures to further protect and monitor their systems.