Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Internet

Healthcare Firm pays Big Bucks for Breach

See also

A data breach can slug below the belt and knock a healthcare business flat on its back, as was the case with Columbia University and the New York and Presbyterian Hospital.

They paid a $4.8 million settlement (the biggest HIPAA settlement to date) after the electronic records of 6,800 patients (including vital stats, medications and even lab results) were accidentally leaked into cyberspace.

The leak was caused when a Columbia University doctor (who developed applications for CU as well as NYP) attempted to deactivate a computer server that was personally owned; the server was on the network that contained patient data.

The server lacked technical safeguards, and there’s evidence that neither organization had made any efforts, prior to the data breach, to ensure that the server was properly protected.

In fact, not even any risk analyses had been conducted; there was no risk management plan of substance, and there was a failure on both parties to put in place the policies and procedures for allowing access to databases, among other issues that were failed.

The leak was unveiled when someone discovered and then complained of details of a deceased partner (a former NYP patient) online.

Neither NYP nor CU had taken measures to ensure server integrity.

"When entities participate in joint compliance arrangements,” says Christina Heide, “they share the burden of addressing the risks to protected health information." Heide is Acting Deputy Director of Health Information Privacy for OCR. She goes on to point out that this disaster should be a wakeup call to healthcare organizations that protection of patient data should be paramount.

Part of the judgment is that both organizations will have to overhaul security measures, a major corrective action undertaking that includes developing a risk management plan and providing progress reports.

Find more information about this breach here: http://insurancenewsnet.com/oarticle/2014/05/08/data-breach-results-in-$48-million-hipaa-settlements-a-500992.html

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Advertisement

Don't Miss

  • Unity
    'Assassin's Creed Unity' preview: Ubisoft comes home to its urban origins
    Games Preview
  • Kindle
    The new 'Kindle Unlimited' program could cause legal troubles for Amazon.com
    Video
    Tech Buzz
  • Destiny
    The 'Destiny' beta: 7 things we absolutely love about Bungie's new franchise
    Games Feature
  • iOS Backdoors
    iOS backdoors: Hidden items found in 600 million devices, is Apple spying on us?
    Headlines
  • Far Cry
    'Far Cry 4' exclusive: Animals, avalanches, oxygen, side content and much more
    Games Interview
  • iPhone Handle
    A young inventor thinks all iPhones should come with one of these gadgets
    Video
    Headlines