This breach resulted in notifications to 17,914 clients and was listed by the Department of Health and Human Services as beginning March 23, 2010 and ending May 24, 2013.
"...this was a case of insider theft for tax refund fraud, and that after [the organization] was notified of the breach by law enforcement, they prudently notified everyone whose records the employee would have been able to access." - PHIprivacy.netThe organization learned of the ID theft from law enforcement; it is unclear why the breaches occurred for over three years. Organizations seeking to proactively detect data privacy breaches and identity theft, rather than learn of them from third parties, can utilize low-cost on-demand SaaS analytics services. >
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy and identity theft, even by authorized users - with no hardware and no on-site software.Sources:
(a) Central City Concern notifies employment access clients of data theft by former employee - www.PHIprivacy.net, 06/26/2014