Merritt Healthcare Advisors

Merritt Healthcare Advisors, also operating under the name Merritt Advisors, is a United States-based organization providing advisory services within the healthcare sector. While specific service offerings are not detailed in public disclosures, operational context from a 2022 cybersecurity incident indicates involvement in handling protected health information (PHI) and personally identifiable information (PII) for clients. This suggests core activities likely include healthcare data management, compliance consulting, or related advisory functions supporting healthcare entities. The organization operates in a regulatory environment requiring adherence to health data protection standards, given its responsibility for sensitive client datasets.

The organization's operational scale is partially evidenced through incident reporting metrics. A July 2022 breach impacted over 77,000 individuals, indicating engagement with substantial healthcare datasets either through direct client services or intermediary advisory roles. This breach involved unauthorized access to an employee email account over a 30-day period, compromising names, contact details, medical information, and potentially insurance data. The month-long access window preceding detection suggests involvement in managing or processing longitudinal healthcare data, though specific client sectors or service specialties remain unspecified in available documentation.

Merritt Healthcare Advisors demonstrates established incident response protocols through its breach mitigation actions, including regulatory reporting to relevant authorities and provision of credit monitoring services to affected individuals. The delayed discovery of the intrusion, detected months after initial compromise, highlights the challenges of securing communication channels in healthcare advisory operations. While organizational structure details remain undisclosed, the breach notification process aligns with standard practices for entities handling PHI under U.S. healthcare regulations. The incident underscores the organization's role within healthcare data ecosystems where advisory firms manage sensitive information requiring both operational safeguards and regulatory compliance.