Another day, another phishing report from a HIPAA-covered entity.
This time, it’s Sacred Heart Rehabilitation Center in Michigan. The phishing attack itself occurred in early April. It’s not clear when the center first discovered the breach, but they only first discovered PHI was involved in November. The center’s release did not reveal numbers, and this is not up on HHS’s breach tool at this time.