Health systems affected by data breaches in the last 30 days

From employee insider breaches to an anonymous call informing a health system of a data breach, here are the health systems that have been affected by a cybersecurity or data breach incident since Feb. 28:

Editor's note: This article was updated on April 20 and will continue to be updated.

April 20:

• An error led to some patient information from John Muir Health Walnut Creek (Calif.) Medical to have been accessed by an unauthorized party.
  
  
• Palo Alto, Calif.-based Stanford Health Care; Pleasanton, Calif.-based Stanford Health Care Tri-Valley, Palo Alto, Calif.-based Stanford Medicine Children's Health, Castro Valley, Calif.-based Stanford Medicine Partners were affected by data breach at their behavioral and mental health service provider Brightline.
  
  
• Boise, Idaho-based St. Luke's Health System notified 15,246 patients that some of their personal health information may have been compromised due to a technical error that caused letters to be mailed to incorrect addresses.
  
  
• Knoxville, Tenn.-based Tennova Healthcare said it was affected by a third-party data breach that hit its parent company Franklin, Tenn.-based Community Health Systems.
  
  
• Birmingham, Ala.-based Grandview Medical Center; Huntsville, Ala.-based Crestwood Medical Center; Dothan, Ala.-based Flowers Hospital; Gadsden (Ala.) Regional Medical Center; Medical Center Enterprise (Ala.); and Foley, Ala.-based South Baldwin Regional Medical Center was affected by a third-party data breach that hit its parent company Franklin, Tenn.-based Community Health Systems.
  
  
• Chicago-based CommonSpirit Health said many of its current and former Catholic Health Initiatives, Centura Health and MercyOne facilities were affected by last year's ransomware attack on the health system.

March 20:

1. A woman alleges that a contract employee from Martinez, Calif.-based Contra Costa Regional Medical Center gained access to her medical records and posted them to a Facebook account.
   
   
2. UC San Diego Health's technology vendor Solv Health transmitted patients' confidential information to third-party service providers.
   
   
3. South Bend, Ind.-based Beacon Health System notified 3,117 patients that some of their personal information may have been accessed by an unauthorized employee who viewed patient records outside the scope of their job duties. 

4. Livonia, Mich.-based Trinity Health filed a data breach notice with the Massachusetts attorney general March 9 after it learned that some patient information was compromised as a result of unauthorized access.
   
   
5. Jamestown, N.Y.-based The Chautauqua Center notified patients that some of their protected health information was compromised when its medical records provider WebPT experienced an unauthorized disclosure.
   
   
6. Richmond, Va.-based Henrico Doctors' Hospital notified 990 patients that some of their protected health information was compromised in a data breach.
   
   
7. A cyberattack disrupted Warner Robins, Ga.-based Houston Healthcare's operations; the health system was able to remain open and care for patients using its backup processes and downtime procedures.
   
   
8. An anonymous individual called Norfolk, Va.-based Sentara Healthcare to notify the hospital that a PDF copy of a Medicare remittance report for Sentara's lab services was uploaded to an Adobe Acrobat website.