Menu
Browse

CorrectHealth

Primary URL Location Industry
www[.]correctcare[.]com
Country United States of America
Healthcare Icon
Healthcare
Profile

CorrectHealth operates as a healthcare provider that delivers medical, mental health, and ancillary services to incarcerated individuals in the United States. The organization focuses exclusively on the correctional health sector, partnering with state and local detention facilities to meet their clinical needs. Its services typically include primary care, chronic disease management, behavioral health support, pharmacy dispensing, and emergency medical response within correctional settings. By concentrating on this niche market, CorrectHealth has developed specialized expertise in navigating the unique regulatory and security environments of prisons and jails. The company’s headquarters is located in the United States, with a known operational presence in Georgia. This specialization positions CorrectHealth as a distinct player within the broader healthcare services industry, serving a population that often faces complex health challenges.

In November 2021, CorrectHealth experienced a cybersecurity incident in which unauthorized access to employee email accounts exposed personal and medical information of approximately 54,066 individuals. The compromised data included names, addresses, Social Security numbers, driver's license numbers, passport details, financial information, and limited health records. Following the breach, the organization notified all affected parties and implemented a series of security improvements. These measures comprised mandatory password resets for all staff, the introduction of multi‑factor authentication for administrative personnel, single sign‑on solutions for clinical teams, external email disclaimers, advanced phishing protection tools, and recurring cybersecurity training for employees. Despite these enhancements, the incident drew criticism regarding the timeliness of the remediation, with observers noting that the protections put in place after the breach could have potentially prevented the unauthorized access. The episode underscores the ongoing cybersecurity risks faced by healthcare organizations that manage sensitive data for vulnerable populations.

Incidents
Linked incidents available to members
1 incident