The hospital is not not clear on how the breach occurred and that "it appears most of the PHI was taken in the approximate time period of 2012-2012."
An employee took PHI but the hospital only knows about it because the employee's lawyers want to use the stolen pHI in their case against the hospital..Unfortunately it is not uncommon for healthcare organizations to learn of privacy data breaches from third parties such as law enforcement or lawsuits. For organizations seeking to proactively identify unauthorized breaches of patient data privacy, even by authorized users, low-cost on-demand SaaS analytics services are available.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) SOURCE_TITLE - SOURCE_NAME_AND_DATE