Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach, Data Leak and Cyber Attack.

Total Financial Loss: The total financial loss from these incidents is estimated to be $0.

Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with provided training sessions to staff, remediation measures with took disciplinary action, and communication strategy with public statement acknowledging the incident and apologizing for inconvenience, and third party assistance with cybersecurity specialists, and containment measures with taking some it systems offline, and containment measures with systems taken offline, and remediation measures with offering 12 months of free credit monitoring to affected individuals, and remediation measures with class action settlement, remediation measures with credit/medical monitoring services for affected individuals, and communication strategy with written notifications to affected patients (march 2024), communication strategy with settlement claims process with deadlines..

Common Attack Types: The most common types of attacks the company has faced is Breach.

Average Financial Loss: The average financial loss per incident is $0.00.

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Name, Account Number, Admission Date, Length Of Stay, Total Charges, Unit They Were Seen In, Room Number They Were Seen In, Insurance Carrier Name, , Highly sensitive information, Patient Records, Employee Records, , Employee Names, Employee Id Numbers, Social Security Numbers, , Names, Patient Codes, Other Patient-Related Details, , Demographic Information, Clinical Information, , Personal Information, Clinical Information, , Pii, Phi, , Names, Account Numbers, Medical Information and .

Third-Party Assistance: The company involves third-party assistance in incident response through Cybersecurity specialists.

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Provided training sessions to staff, Took disciplinary action, , Offering 12 months of free credit monitoring to affected individuals, , Class action settlement, Credit/medical monitoring services for affected individuals, .

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by taking some it systems offline, , systems taken offline and .

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit, , Class action lawsuit settled for $675,000, .

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Class action lawsuit, and Source: California Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2017-11-13, and Source: California Office of the Attorney GeneralDate Accessed: 2014-03-03, and Source: California Office of the Attorney General, and Source: Dignity Health, and Source: Class Action Settlement Notice, and Source: Settlement Administrator (R1/Dignity Data Incident Settlement), and Source: California Office of the Attorney General.

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Statement Acknowledging The Incident And Apologizing For Inconvenience, Written Notifications To Affected Patients (March 2024) and Settlement Claims Process With Deadlines.

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Written Notifications To Affected Patients, Settlement Claims Process, eligibility_criteria: ['Patients of Dignity Health St. Rose Dominican Hospital, Rosa de Lima Campus', 'Received written notification in/around March 2024', 'PII/PHI potentially accessed'], claim_options: ['Out-of-pocket expenses (up to $500)', 'Extraordinary losses (up to $2,500)', 'Pro rata cash payment', '2 years of three-bureau credit monitoring + CyEx Medical Shield Total'], deadlines: {'opt_out': '2025-10-13', 'claim_submission': '2025-11-11', 'final_approval_hearing': '2025-11-14'}, payout_methods: ['PayPal', 'Venmo', 'Zelle', 'Paper check (mail-only)'], required_documentation: ['Notice ID and PIN from settlement notice', 'Receipts/bills for out-of-pocket expenses', 'Police reports/statements for extraordinary losses'] and .

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybersecurity specialists.

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Provided Training Sessions To Staff, Took Disciplinary Action, , Settlement Payments, Credit/Medical Monitoring For Affected Individuals, .

Last Attacking Group: The attacking group in the last incident were an Employee of naviHealth and Unauthorized third party.

Most Recent Incident Detected: The most recent incident detected was on August 2016.

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-03.

Highest Financial Loss: The highest financial loss from an incident was {'settlement_fund': '$675,000', 'individual_claims': {'out_of_pocket_expenses': 'Up to $500', 'extraordinary_losses': 'Up to $2,500', 'pro_rata_cash_payment': 'Varies (based on remaining funds)'}, 'administrative_costs': {'settlement_administration': 'To be determined', 'attorneys_fees': 'Amount pending court approval', 'class_representative_award': 'Up to $2,500'}}.

Most Significant Data Compromised: The most significant data compromised in an incident were name, account number, admission date, length of stay, total charges, unit they were seen in, room number they were seen in, insurance carrier name, , Highly sensitive information, , patient records, employee records, , Employee names, Employee ID numbers, Social Security Numbers, , Names, Patient Codes, Other Patient-Related Details, , Demographic Information, Clinical Information, , Names, Social Security Numbers, Health Insurance Details, , Name, Contact information, Date of birth, Social Security number, Location of services, Clinical/diagnosis information, Patient account number, Medical record number, , names, account numbers, medical information and .

Most Significant System Affected: The most significant system affected in an incident was Electronic health record systems and electronic health recordsother systems and Electronic Health RecordsOther IT Systems and IT systemsEHR systems and electronic health recordsother systems and Employee Self Service system.

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Cybersecurity specialists.

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were taking some IT systems offline and systems taken offline.

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Clinical Information, Contact information, Clinical/diagnosis information, Health Insurance Details, total charges, Highly sensitive information, employee records, Names, Social Security Numbers, Demographic Information, insurance carrier name, Date of birth, name, Medical record number, Social Security number, account numbers, unit they were seen in, Employee ID numbers, Other Patient-Related Details, length of stay, names, Location of services, account number, Patient Codes, room number they were seen in, admission date, Employee names, medical information, Name, patient records and Patient account number.

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 0.

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit, , Class action lawsuit settled for $675,000, .

Most Recent Source: The most recent source of information about an incident are Class Action Settlement Notice, Class action lawsuit, Dignity Health, California Office of the Attorney General and Settlement Administrator (R1/Dignity Data Incident Settlement).

Current Status of Most Recent Investigation: The current status of the most recent investigation is Settled (no further details on root cause investigation).

Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Written notifications to affected patients, Settlement claims process, .

Most Recent Customer Advisory: The most recent customer advisory issued were an eligibility_criteria: ['Patients of Dignity Health St. Rose Dominican Hospital, Rosa de Lima Campus', 'Received written notification in/around March 2024', 'PII/PHI potentially accessed'], claim_options: ['Out-of-pocket expenses (up to $500)', 'Extraordinary losses (up to $2,500)', 'Pro rata cash payment', '2 years of three-bureau credit monitoring + CyEx Medical Shield Total'], deadlines: {'opt_out': '2025-10-13', 'claim_submission': '2025-11-11', 'final_approval_hearing': '2025-11-14'}, payout_methods: ['PayPal', 'Venmo', 'Zelle', 'Paper check (mail-only)'], required_documentation: ['Notice ID and PIN from settlement notice', 'Receipts/bills for out-of-pocket expenses', 'Police reports/statements for extraordinary losses'] and .

Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Software Error, Human Error, Human error in data transmission (emailing Excel workbook to unauthorized recipient).

Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Provided training sessions to staffTook disciplinary action, Settlement paymentsCredit/medical monitoring for affected individuals.