Peace, joy, and strong encryption.

As you wrap up the year, HIPAA Vault is sending more than just holiday cheer—we’re sending thanks for your trust and a reminder that your data is safe, sound, and monitored 24/7.

Wishing you a secure and joyful Christmas from the HIPAA Vault team.

Industry News Roundup

MedStar Health hit by major data breach

MedStar Health, a major nonprofit hospital system in the Baltimore-Washington area, has disclosed a cyberattack that exposed sensitive patient information. The breach, which occurred in mid-September but was confirmed in November, compromised data like names, Social Security numbers, diagnoses, medications, and insurance details.

Notification letters were sent starting December 3, and affected individuals are being offered free credit monitoring and identity protection. While MedStar didn’t name the attacker, the notorious Rhysida ransomware group has claimed responsibility, saying it leaked 3.7 TB of data, including 7 million pieces of patient information, on the dark web.

Zoom out: This is yet another reminder that even large health systems with cybersecurity protocols in place remain vulnerable—and when healthcare data is involved, the stakes are especially high.

→ Catch the full story here.

Richmond Behavioral Health hit by ransomware attack

Richmond Behavioral Health Authority (RBHA), which provides mental health and addiction services in Virginia’s capital, is reeling from a ransomware attack that may have compromised the personal data of over 113,000 individuals.

Hackers infiltrated RBHA’s systems in late September, encrypted files, and may have accessed sensitive data, including Social Security numbers, passport info, financial details, and health records. While RBHA says there’s no definitive proof data was accessed, the Qilin ransomware gang has claimed responsibility—and leaked what it says is 192 GB of stolen info on the dark web.

RBHA’s response: New cybersecurity safeguards are now in place, and the agency is working with experts to tighten digital defenses. Still, patients are urged to stay alert for potential fraud.

→ See how the breach unraveled

Secure the Season with HIPAA-Compliant Hosting You Can Rely On

This holiday season, HIPAA Vault is here to remind you: peace of mind isn’t just a gift—it’s a guarantee. Our fully managed HIPAA-compliant hosting solutions start at just $499/month, delivering built-in security, compliance, and 24/7 expert support tailored for healthcare practices of all sizes.

From Linux and WordPress hosting to HIPAA-ready forms, our services are designed to simplify your compliance journey while keeping your data—and your patients—protected.

Whether you’re a solo provider or scaling across locations, HIPAA Vault offers affordable, scalable hosting that meets and exceeds the standards of the HIPAA Security Rule.

📞 Have questions or need guidance? We’re here to help.
📧 Contact us at [email protected]
📱 Or call us at 760-290-3460

This season and every season—stay compliant, stay confident.