Three details:
1. The Colorado health department requested Cedar Springs Hospital provide a copy of multiple records on an external device in October and the Colorado Springs-based hospital complied.
2. On Oct. 28, Cedar Springs Hospital learned the device provided was not encrypted, contrary to the state health department’s policy, and the surveyor had misplaced it.
3. The hospital identified names, addresses, birth dates and Social Security numbers contained on the misplaced device. There was also medical information such as treatment history and diagnoses on the device.
More articles on cybersecurity:
Presbyterian Health Plan misdirected mailing incident exposes 3,500+ individuals’ info
UVM Health cyberattack losses to exceed $63M: 5 details
Fired physician still had access to Illinois nursing center’s EHR, potentially exposing 1,000+ individuals’ info
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
