US hospital pays $750,000 in data breach case

Powered by SC Magazine
 

Hospital lost phone numbers, birth dates, and health care data.

A US hospital has agreed to pay US$475,000 (AU$481,871) to settle an ongoing court case surrounding allegations it failed to securely protect the sensitive data of more than 800,000 patients.

Massachusetts Attorney-General Martha Coakley announced the court's findings, which saw South Shore Hospital agree to pay $250,000 (AU$253,616) in civil penalties and $225,000 (AU$228,255) for the Attorney-General's office to establish an awareness campaign concerning data security and sensitive information.

Approving the judgment, Suffolk Superior Court also recognised the hospital's additional payment of $275,000 (AU$282,000) reflecting security measures it had taken.

The case surrounded data leakage from the hospital, after it attempt to erase the information from 473 unencrypted tapes containing the names, social security numbers, financial details and medical diagnoses of more than 800,000 patients.

Of three boxes sent to Archive Data Solutions for erasure and reselling in June 2010, only one was found to have arrived.

The Attorney-General said the hospital not only failed to notify Archive Data Solutions of the sensitive information stored on the files but did not establish if the contractor had the proper security measures in place to protect the information, violating US legislation.

"We appreciate that the Attorney-General has recognised the steps we've taken to enhance our data-security systems and hope to be able to serve as a source of information about best practices for other health care providers,” said Richard H. Aubut, South Shore Hospital president and chief executive officer.

Data security law enforcement has been on the rise and fines have been prevalent, as is the case with a recent settlement involving BlueCross BlueShield of Tennessee.

This article originally appeared at scmagazineus.com

Updated: Currency exchanges corrected.

Copyright © SC Magazine, US edition


US hospital pays $750,000 in data breach case
 
 
 
Top Stories
IBM, NEC picked for major NSW Transport deals
Final contract negotiations begin.
 
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Five emerging technologies that will transform financial services
[Blog post] Far out ideas that aren't far off.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  30%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 998

Vote