HORNE LLP

HORNE LLP, also known as HORNE Cyber, operates as a business associate in the United States, providing Medicaid-related services to healthcare providers. The organization's core function involves handling administrative and processing tasks for Medicaid, as evidenced by its work with Forrest General Hospital. This role requires the management of protected health information, including patient identifiers, Medicaid identification numbers, Social Security numbers, and service dates. As a business associate under the Health Insurance Portability and Accountability Act (HIPAA), HORNE LLP is subject to federal regulations governing the privacy and security of health data. Its services support the financial and operational aspects of Medicaid billing and patient care coordination within the healthcare sector. The company's alias HORNE Cyber suggests a focus on technology-driven solutions, though the explicit scope from available information centers on Medicaid service provision.

In October 2017, HORNE LLP experienced a phishing attack that compromised an employee's email account, leading to unauthorized access to protected health information. The breach exposed sensitive data such as patient names, Medicaid IDs, Social Security numbers, dates of birth, account numbers, and service dates. Following the incident, HORNE notified affected individuals and provided one year of complimentary credit monitoring and identity theft resolution services. The organization reported the breach to the U.S. Department of Health and Human Services as required by HIPAA. Although no confirmed misuse of the data occurred, HORNE enhanced its security protocols to mitigate future risks. This event highlights the company's operational exposure to cyber threats and its adherence to regulatory breach response procedures. The incident underscores the importance of robust security measures when handling large volumes of sensitive health information in the Medicaid ecosystem.