Everett & Hurite Ophthalmic Association

Everett & Hurite Ophthalmic Association is an eye care provider operating in the United States as an association that delivers ophthalmological services. Its involvement with internal CMS (Centers for Medicare & Medicaid Services) reports indicates its participation in federal health programs, processing data for patients covered by Medicare and Medicaid. The association handles a range of protected health information, including patient names, dates of birth, financial details, health insurance data, Social Security numbers, and medical treatment records. The scale of its operations is evident from a 2020 data breach that impacted 34,113 individuals, reflecting the substantial volume of sensitive patient information it manages. This situates the organization within the specialized healthcare sector focused on ocular care, where compliance with health information privacy regulations is a critical operational requirement.

On or around February 25, 2020, Everett & Hurite Ophthalmic Association experienced unauthorized access to an employee email account over a one-month period. The incident was discovered during an internal investigation prompted by unusual account activity, leading to immediate containment measures that included securing the compromised account and engaging forensic specialists. Forensic analysis determined that the email contained patient data from CMS reports, but no evidence was found that any information was actually viewed or misused by the unauthorized party. The exposed data varied among affected individuals, encompassing names, dates of birth, financial and health insurance details, Social Security numbers, and medical treatment information. Following the investigation, the organization reported the breach to federal health authorities in accordance with notification requirements, fulfilling its regulatory obligations despite the lack of confirmed data misuse.