US hospital pays $750,000 in data breach case

Powered by SC Magazine
 

Hospital lost phone numbers, birth dates, and health care data.

A US hospital has agreed to pay US$475,000 (AU$481,871) to settle an ongoing court case surrounding allegations it failed to securely protect the sensitive data of more than 800,000 patients.

Massachusetts Attorney-General Martha Coakley announced the court's findings, which saw South Shore Hospital agree to pay $250,000 (AU$253,616) in civil penalties and $225,000 (AU$228,255) for the Attorney-General's office to establish an awareness campaign concerning data security and sensitive information.

Approving the judgment, Suffolk Superior Court also recognised the hospital's additional payment of $275,000 (AU$282,000) reflecting security measures it had taken.

The case surrounded data leakage from the hospital, after it attempt to erase the information from 473 unencrypted tapes containing the names, social security numbers, financial details and medical diagnoses of more than 800,000 patients.

Of three boxes sent to Archive Data Solutions for erasure and reselling in June 2010, only one was found to have arrived.

The Attorney-General said the hospital not only failed to notify Archive Data Solutions of the sensitive information stored on the files but did not establish if the contractor had the proper security measures in place to protect the information, violating US legislation.

"We appreciate that the Attorney-General has recognised the steps we've taken to enhance our data-security systems and hope to be able to serve as a source of information about best practices for other health care providers,” said Richard H. Aubut, South Shore Hospital president and chief executive officer.

Data security law enforcement has been on the rise and fines have been prevalent, as is the case with a recent settlement involving BlueCross BlueShield of Tennessee.

This article originally appeared at scmagazineus.com

Updated: Currency exchanges corrected.

Copyright © SC Magazine, US edition


US hospital pays $750,000 in data breach case
 
 
 
Top Stories
Time management tips for CIOs
[Blog post] How to get to the genba.
 
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  10%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 1109

Vote