US hospital pays $750,000 in data breach case

Powered by SC Magazine
 

Hospital lost phone numbers, birth dates, and health care data.

A US hospital has agreed to pay US$475,000 (AU$481,871) to settle an ongoing court case surrounding allegations it failed to securely protect the sensitive data of more than 800,000 patients.

Massachusetts Attorney-General Martha Coakley announced the court's findings, which saw South Shore Hospital agree to pay $250,000 (AU$253,616) in civil penalties and $225,000 (AU$228,255) for the Attorney-General's office to establish an awareness campaign concerning data security and sensitive information.

Approving the judgment, Suffolk Superior Court also recognised the hospital's additional payment of $275,000 (AU$282,000) reflecting security measures it had taken.

The case surrounded data leakage from the hospital, after it attempt to erase the information from 473 unencrypted tapes containing the names, social security numbers, financial details and medical diagnoses of more than 800,000 patients.

Of three boxes sent to Archive Data Solutions for erasure and reselling in June 2010, only one was found to have arrived.

The Attorney-General said the hospital not only failed to notify Archive Data Solutions of the sensitive information stored on the files but did not establish if the contractor had the proper security measures in place to protect the information, violating US legislation.

"We appreciate that the Attorney-General has recognised the steps we've taken to enhance our data-security systems and hope to be able to serve as a source of information about best practices for other health care providers,” said Richard H. Aubut, South Shore Hospital president and chief executive officer.

Data security law enforcement has been on the rise and fines have been prevalent, as is the case with a recent settlement involving BlueCross BlueShield of Tennessee.

This article originally appeared at scmagazineus.com

Updated: Currency exchanges corrected.

Copyright © SC Magazine, US edition


US hospital pays $750,000 in data breach case
 
 
 
Top Stories
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 265

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  61%
 
No
  39%
TOTAL VOTES: 84

Vote