Comparison Overview

The Brook Hospitals

VS

Hiawatha Behavioral Health

The Brook Hospitals

8521 La Grange Rd, Louisville, Kentucky, 40242, US
Last Update: 2026-01-22
View Profile
Between 750 and 799
https://thebrookhospitals.com/

Since 1985, The Brook Hospitals have been providing quality mental health and addiction treatment services. The Brook Hospitals have two outstanding facilities located in Louisville, Kentucky. The Brook – KMI: The Brook – KMI is a 98-bed hospital offering a full continuum of inpatient, extended care, residential, partial hospitalization and outpatient services for adolescents, adults and seniors. The Brook – Dupont: The Brook – Dupont is a 88-bed hospital offering a full continuum of inpatient, extended care, partial hospitalization and outpatient services for children and adults.

NAICS: 621
NAICS Definition:
Employees: 154
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Hiawatha Behavioral Health

125 N Lake St, Manistique, Michigan, 49854-1234, US
Last Update:
Between 750 and 799
http://www.hbhcmh.org

Hiawatha Behavioral Health is a Community Mental Health Agency with locations in Schoolcraft, Mackinac and Chippewa counties. We are committed to helping individuals recognize opportunities for independence, choice and a meaningful life and we strive to improve collaboration with community partners to create an integrated approach toward optimal health and quality of life. Hiawatha Behavioral Health (HBH) was formed on October 1, 1997, resulting from a merger between the Eastern Upper Peninsula and Schoolcraft County Community Mental Health Boards and is now governed by a 12 member Board of Directors, with an equal number of representatives from each of the three counties. HBH is non-discriminatory; services are available regardless of race, color, nationality, religious or political belief, gender, age, disability, sexual orientation, or your ability to pay. Programs and services at Hiawatha Behavioral Health are partially funded by the Michigan Department of Community Health.

NAICS: 62133
NAICS Definition: Offices of Mental Health Practitioners (except Physicians)
Employees: 64
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/thebrookhospitals.jpeg
The Brook Hospitals
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/hiawatha-behavioral-health.jpeg
Hiawatha Behavioral Health
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
The Brook Hospitals
100%
Compliance Rate
0/4 Standards Verified
Hiawatha Behavioral Health
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Mental Health Care Industry Average (This Year)

No incidents recorded for The Brook Hospitals in 2026.

Incidents vs Mental Health Care Industry Average (This Year)

No incidents recorded for Hiawatha Behavioral Health in 2026.

Incident History — The Brook Hospitals (X = Date, Y = Severity)

The Brook Hospitals cyber incidents detection timeline including parent company and subsidiaries

Incident History — Hiawatha Behavioral Health (X = Date, Y = Severity)

Hiawatha Behavioral Health cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/thebrookhospitals.jpeg
The Brook Hospitals
Incidents

No Incident

https://images.rankiteo.com/companyimages/hiawatha-behavioral-health.jpeg
Hiawatha Behavioral Health
Incidents

No Incident

FAQ

Hiawatha Behavioral Health company demonstrates a stronger AI Cybersecurity Score compared to The Brook Hospitals company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Hiawatha Behavioral Health company has disclosed a higher number of cyber incidents compared to The Brook Hospitals company.

In the current year, Hiawatha Behavioral Health company and The Brook Hospitals company have not reported any cyber incidents.

Neither Hiawatha Behavioral Health company nor The Brook Hospitals company has reported experiencing a ransomware attack publicly.

Neither Hiawatha Behavioral Health company nor The Brook Hospitals company has reported experiencing a data breach publicly.

Neither Hiawatha Behavioral Health company nor The Brook Hospitals company has reported experiencing targeted cyberattacks publicly.

Neither The Brook Hospitals company nor Hiawatha Behavioral Health company has reported experiencing or disclosing vulnerabilities publicly.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds any compliance certifications.

Neither company holds any compliance certifications.

Neither The Brook Hospitals company nor Hiawatha Behavioral Health company has publicly disclosed detailed information about the number of their subsidiaries.

The Brook Hospitals company employs more people globally than Hiawatha Behavioral Health company, reflecting its scale as a Mental Health Care.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds SOC 2 Type 1 certification.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds SOC 2 Type 2 certification.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds ISO 27001 certification.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds PCI DSS certification.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds HIPAA certification.

Neither The Brook Hospitals nor Hiawatha Behavioral Health holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
References
Description

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Description

Azure Entra ID Elevation of Privilege Vulnerability

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References
Description

Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References