Providence Saint Joseph Medical Center

The California Office of the Attorney General disclosed a data breach at **Providence Saint Joseph Medical Center** on **March 11, 2015**, stemming from an incident on **November 1, 2014**. The breach involved the **inadvertent exposure of medical billing records**, affecting an undisclosed number of individuals. Compromised data included **demographic details, billing information, and Social Security numbers (SSNs)**—highly sensitive personal identifiers. While the exact cause (e.g., misconfigured systems, human error, or third-party mishandling) was not specified, the exposure posed significant risks of **identity theft, financial fraud, and reputational harm** to the affected patients. As a healthcare provider, the center’s failure to safeguard such data violated patient trust and potentially violated regulatory frameworks like **HIPAA (Health Insurance Portability and Accountability Act)**. The breach underscored vulnerabilities in handling protected health information (PHI), though no evidence of malicious exploitation (e.g., ransomware or targeted cyberattack) was reported.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-48785

TPRM report: https://www.rankiteo.com/company/providencehealthsystem

"id": "pro029090625",
"linkid": "providencehealthsystem",
"type": "Breach",
"date": "11/2014",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Unspecified',
                        'industry': 'Healthcare',
                        'location': 'California, USA',
                        'name': 'Providence Saint Joseph Medical Center',
                        'type': 'Healthcare Provider'}],
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['demographic information',
                                              'billing details',
                                              'social security numbers']},
 'date_detected': '2014-11-01',
 'date_publicly_disclosed': '2015-03-11',
 'description': 'The California Office of the Attorney General reported a data '
                'breach incident involving Providence Saint Joseph Medical '
                'Center on March 11, 2015. The breach, occurring on November '
                '1, 2014, involved the inadvertent disclosure of medical '
                'billing information, affecting an unspecified number of '
                'individuals and potentially compromising demographic '
                'information, billing details, and social security numbers.',
 'impact': {'data_compromised': ['demographic information',
                                 'billing details',
                                 'social security numbers'],
            'identity_theft_risk': 'Potential'},
 'references': [{'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Office of '
                                                       'the Attorney General'},
 'title': 'Providence Saint Joseph Medical Center Data Breach (2014)',
 'type': 'Data Breach'}