CONFIDENTIAL
GreySec

PHI Security Assessment

Client
GreySec Lab (Internal)
Date
May 04, 2026 at 21:27 UTC
Assessment
Protected Health Information Discovery
Classification
Confidential — HIPAA Sensitive
Version
1.0

Executive Summary

10
Total Findings
5
HIGH
5
MEDIUM
0
LOW
0
Files Scanned

This assessment identified 10 potential PHI exposures across 3 scanned sources. 5 HIGH severity findings require immediate attention, including Social Security Numbers (SSN), Medical Record Numbers (MRN), and unencrypted identifiers. 5 MEDIUM findings include email addresses and phone numbers associated with patient records.

Scope

SourceTypeFiles ScannedFindings
DESKTOP-1DHNF5M FILE 0 0
WIN-Q2M8VH5J8VR FILE 0 0
mssql://localhost/GreySecPHI DATABASE 0 10

Findings by Source

mssql://localhost/GreySecPHI

TypeSeverityTextLocation
EMAIL_ADDRESS MEDIUM jwhitfield@email.com
EMAIL_ADDRESS MEDIUM schen@midwestmed.org
EMAIL_ADDRESS MEDIUM jobrien@gmail.com
EMAIL_ADDRESS MEDIUM mrodriguez@texashealth.net
EMAIL_ADDRESS MEDIUM rwashington@email.com
US_SSN HIGH 573-44-9281
US_SSN HIGH 819-77-3341
US_SSN HIGH 622-11-0099
US_SSN HIGH 441-28-7763
US_SSN HIGH 662-41-0039

Risk and Impact

The identified exposures represent significant HIPAA Security Rule violations under 45 CFR Part 164. The presence of unprotected SSNs and MRNs in accessible locations constitutes a critical risk of identity theft and medical identity fraud for affected individuals.

HIGH severity findings (SSN, MRN) require immediate containment: encryption at rest, access restriction, and breach notification evaluation per 45 CFR 164.400.

MEDIUM severity findings (email, phone) require corrective action planning within 30 days to eliminate unnecessary PHI accumulation and implement access controls.

GreySec recommends engaging legal counsel to evaluate breach notification obligations and coordinating with the OCR HIPAA Breach Reporting portal within 60 days of discovery.

Appendix — Raw Findings Data

[ { "hostname": "DESKTOP-1DHNF5M", "ip": "192.168.68.15", "files_scanned": 0, "findings": [], "errors": [ "SMB SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights." ], "scan_duration_secs": 0 }, { "hostname": "WIN-Q2M8VH5J8VR", "ip": "192.168.68.20", "files_scanned": 0, "findings": [], "errors": [ "SMB SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights." ], "scan_duration_secs": 0 }, { "source": "mssql://localhost/GreySecPHI", "source_type": "database", "files_scanned": 0, "findings": [ { "type": "EMAIL_ADDRESS", "severity": 2, "text": "jwhitfield@email.com", "source_path": "mssql://localhost/GreySecPHI", "score": 1.0 }, { "type": "EMAIL_ADDRESS", "severity": 2, "text": "schen@midwestmed.org", "source_path": "mssql://localhost/GreySecPHI", "score": 1.0 }, { "type": "EMAIL_ADDRESS", "severity": 2, "text": "jobrien@gmail.com", "source_path": "mssql://localhost/GreySecPHI", "score": 1.0 }, { "type": "EMAIL_ADDRESS", "severity": 2, "text": "mrodriguez@texashealth.net", "source_path": "mssql://localhost/GreySecPHI", "score": 1.0 }, { "type": "EMAIL_ADDRESS", "severity": 2, "text": "rwashington@email.com", "source_path": "mssql://localhost/GreySecPHI", "score": 1.0 }, { "type": "US_SSN", "severity": 3, "text": "573-44-9281", "source_path": "mssql://localhost/GreySecPHI", "score": 0.5 }, { "type": "US_SSN", "severity": 3, "text": "819-77-3341", "source_path": "mssql://localhost/GreySecPHI", "score": 0.5 }, { "type": "US_SSN", "severity": 3, "text": "622-11-0099", "source_path": "mssql://localhost/GreySecPHI", "score": 0.5 }, { "type": "US_SSN", "severity": 3, "text": "441-28-7763", "source_path": "mssql://localhost/GreySecPHI", "score": 0.5 }, { "type": "US_SSN", "severity": 3, "text": "662-41-0039", "source_path": "mssql://localhost/GreySecPHI", "score": 0.5 } ], "scan_duration_secs": 0 } ]