Thursday, August 29, 2013

Why it Took 9 Months to Notify Breach Victims?

Up to 860 patients who used ambulances in early 2012 are just now receiving breach notices. Why the long delay?

In April we posted about ambulance patients' data stolen being by a rogue employee and sold to an identity theft ring. At that time the employer, who handled billing for ambulances, promised "a through forensic investigation."

"They never figured out all of the data that was accessed by the former employee, it seems, and only found out last month when the IRS contacted them."
- PHIprivacy.net
But last month the IRS contacted the billing company about additional patient data that might have been breached by their former employee. Thus only now are more patients are being notified.

Detecting all patients' data accessed by an insider, and determining which data was breached can require difficult, time consuming IT gymnastics. However, for truly through forensic investigations, which rapidly and easily detect all patients accessed by an insider, companies are utilizing low-cost on-demand SaaS analytics services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Ninth months later, almost 860 Indiana residents are first being notified of the ADPI breach - www.phiprivacy.net, 08/27/2013

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.