By HFT Staff

Delta Specialty Hospital, Inc. recently identified and addressed an incident that involved unauthorized access to one employee’s email account. Upon learning of this incident on January 11, 2024, Delta immediately took steps to secure the email account and launch an investigation with the assistance of a third-party forensic investigation firm. The investigation confirmed that this incident was limited to just one employee’s email account and did not involve their electronic health records systems. This incident did not disrupt their services or operations either.  

Through their investigation, Delta determined that an unauthorized party accessed the Delta employee’s email account between the dates of January 11, 2024, and January 15, 2024. While in the email account, the unauthorized party accessed certain emails. To determine those emails' contents, Delta reviewed each accessed email. Through this review, which was completed on May 21, 2024, Delta identified emails that contain information about certain patients. The information involved varied by patient but includes names in combination with one or more of the following: addresses, patient and medical record numbers, provider names, treatment and health insurance information, and/or status as a Delta patient.  

On May 31, 2024, Delta began mailing letters to patients whose information was involved in the incident. To help prevent something like this from happening again, Delta have implemented additional safeguards and technical security measures to further protect and monitor their systems.