Ransomware infected systems operated by the covered entitys (CE) business link (BA), Marin Medical praxis Concepts, Inc. A third party forensic firm hired to investigate the incident found no evidence that patients personal, financial, or health information was accessed, viewed, or transferred. However, during the restitution process, one of the BAs backup systems failed, causing the loss of protected health information (PHI) documented by the CEs physicians during the period from July 11, 2016 through July 26, 2016. The PHI included vital signs, limited clinical histories, documentation of physical examinations, and records of the communications between patients and their physicians during their visits. OCR consolidated this review with an existing review of the BA involved in this case. location of hacked information: network Server Business colligate present: No