109,000 Patients’ PHI Affected by Denton County MHMR Center Data Breach

by

Behavioral health clinic, Denton County MHMR Center, located in Denton, Texas, recently submitted a data breach report to the Department of Health and Human Services’ Office for Civil Rights (OCR) where an unauthorized party accessed the protected health information (PHI) of 108,967 present and past patients. The clinic discovered unusual activity within its computer system on or about December 24, 2024. The investigation confirmed that an unauthorized third party gained access to its system between December 24 and December 25, 2024.

On February 21, 2025, Denton County MHMR Center published a substitute breach notice on its website notifying patients regarding the data breach. Back then, the number of individuals affected and the types of data involved were still uncertain since the investigation and data analysis were in progress. On October 10, 2025, the health clinic reported that the incident potentially resulted in the compromise of data including patient names, birth dates, addresses, patients’ ID numbers, diagnosis, medical background data, medical treatment data, medical record numbers, laboratory data, treating physician’s name, medication details, vaccination data, health insurance data, and biometric data.

Denton County MHMR Center reported the data breach on November 5, 2025 to the HHS’ Office for Civil Rights. It also notified the state Attorneys general about the incident. One year after the breach happened, the impacted people are getting personal breach notification letters. When Denton County MHMR Center issued the breach notifications, there was no report received concerning the misuse of compromised patient data.

On December 30, 2025, Denton County MHMR Center posted updates on its website breach notice and mentioned the offer of credit monitoring and identity protection services to the impacted patients. Third-party cybersecurity specialists helped the behavioral clinic to carry out supplemental measures to boost system security. Denton County MHMR also reviewed and updated its guidelines and procedures associated with data protection.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at https://twitter.com/ElizabethHzone