Celebrating
30 Years Of Practice.

MediCopy, MRO Corporation, and Deaconess Health System Data Breach Investigation

by | Mar 25, 2026 | Firm News |

Deaconess Health Systems (“Deaconess”) is an Indiana-based healthcare network. Their vendor, MRO Corporation, d/b/a MediCopy, provides Deaconess with Release of Information (“ROI”) services. MediCopy recently experienced a data incident involving some Deaconess patients’ sensitive information. This data breach could potentially include the information of patients belonging to other healthcare systems that use MediCopy.

On February 2, 2026, MediCopy informed Deaconess of a data security event involving an undisclosed number of Deaconess patients’ sensitive information. An investigation later revealed that an unauthorized party breached MediCopy’s cloud-based file sharing platform and downloaded files on January 13, 2026. Deaconess maintains that the data breach was limited to certain patient information involved in ROI requests from Deaconess Henderson Hospital, Deaconess Union County Hospital, and their surrounding clinics. Information involved in the breach includes both Personally Identifiable information (“PII”) and Protected Health Information (“PHI”). Potentially impacted PII and PHI includes—but is not limited to—names, Social Security numbers, dates of birth, medical record numbers, date(s) of service, health insurance identification numbers, and medical records.

If you receive a breach notification letter from Deaconess or another healthcare provider, MediCopy, or MRO Corporation regarding this data breach and would like additional information about your legal rights, you can contact Goldenberg Schneider, LPA by calling 513-982-1569, sending an email to [email protected] or completing the “Contact Us” form to the right.

Contact Us