One of the provider's employees accessed computerized records and may have taken information such as social security numbers, dates of birth and credit card numbers.
"Since they didn’t say anything about technical safeguards, the assumption can be made that there were none in place.."The healthcare organization was alerted to the possible identity thefts by law enforcement, not apparently from internal safeguards.
-Health IT Security
Organizations can avoid learning from third parties about such breaches, even by authorized users, by utilizing new low-cost on-demand SaaS proactive breach detection services.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Community Health Sends Patients Data Breach Notifications - www.healthitsecurity.com, 05/17/2013