Community Research Foundation Posts Notice of Data Breach with the HHS-OCR

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On June 20, 2023, Community Research Foundation (“CRF”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”), noting that a “Hacking/IT Incident” resulted in the confidential information of 30,057 individuals being leaked. If it hasn’t already, after completing its investigation, CRF will likely begin sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from the Community Research Foundation, it is essential you understand what is at risk and what you can do about it. Data breaches affect hundreds of millions of people per year. And many of these people end up falling victim to identity theft and other frauds. However, there are steps you can take to reduce these risks. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Community Research Foundation data breach. For more information, please see our recent piece on the topic here.

What Caused the Community Research Foundation Breach?

The Community Research Foundation data breach was only recently announced, and more information is expected in the near future. Unfortunately, CRF’s filing with the HHS-OCR provides little information. For example, the HHS-OCR listing only mentions that the incident affected 30,057 people and resulted from a “Hacking/IT Incident” of a “Network Server.” And, while the company has posted an “Important Privacy Notice” on its website, as of June 28, 2023, the page was blank.

However, there are a few things that can be gleaned from the company’s filing with the HHS-OCR. Under the United States data breach laws, a company only needs to file notice of a breach with the HHS-OCR if it involved the protected health information of more than 500 consumers. We know that the CRF breach affected 30,057 individuals, and thus, while it cannot be confirmed, it’s likely that the Community Research Foundation involved consumers’ PHI.

On June 20, 2023, Community Research Foundation posted notice of the recent breach with the HHS-OCR. Additionally, victims should keep an eye out for a data breach letter because companies are required to notify anyone affected by a data breach. These letters should provide victims with a list of which information of theirs was compromised.

More Information About Community Research Foundation

Community Research Foundation is a 501(c)(3) not-for-profit corporation located in San Diego, California. CRF was created to design and operate programs designed to treat, educate, and rehabilitate those experiencing mental health problems, particularly those with co-occurring substance abuse disorders. CRF also engages in research to assess the efficacy of existing treatment methods and to develop new courses of treatment. Community Research Foundation employs more than 800 people and generates approximately $76 million in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide