Department of Health and Social Services Press Release titled, “Cyberattack on DHSS website includes HIPAA and APIPA breach”

On September 16, 2021, the Department of Health and Social Services sent a Press Release titled, “Cyberattack on DHSS website includes HIPAA and APIPA breach”. There were three Press Releases on September 16 on the topic of the Cyberattack. We ask that you review all three documents for more information. They can be found on the following link.

Alaska Department of Health and Social Services

One of the items in the 09/16: Cyberattack Frequently Asked Questions states the following:

Q7: Was personal health information compromised?

A7: Mandiant thoroughly examined the department’s technology infrastructure and found no evidence that Alaskans’ protected health information or personally identifiable information has been stolen. However, given the capabilities of the nation-state sponsored attacker and the scope of access they had to the department’s infrastructure, we cannot be assured there is a low probability that protected health information was compromised, and therefore, in accordance with HIPAA and APIPA, we are notifying Alaskans their health or personal information may have been compromised. On Sept. 16, 2021, DHSS posted a breach notification to its website and issued a press release to media outlets statewide notifying the public about the breach of data.

The Division of Behavioral Health will provide information as it becomes available during the next Alaska Behavioral Health’s Association (ABHA) Meeting.

Thank you,

Patrick Swiger
Health Program Manager II
State of Alaska Department of Health and Social Services Division of Behavioral Health
3601 C Street, Suite 222 | Anchorage, AK 99503
Office: 907.269.3608
Email: patrick.swiger@alaska.gov

 

 

*Providers, please forward this message to staff you would link Alaska Department of Health and Social Services Email or Text Update you would like to self-register for DBH Communications messages.