Erlanger vendor loses backup CDs containing almost 5,000 patients' info during software update

Chattanooga, Tenn.-based Erlanger notified patients of a security breach after a third-party vendor misplaced backup CDs containing patient information.

Five details:

1. One of the health system's third-party vendors misplaced a CD used to perform software updates on June 12. The health system conducted an investigation and searched for the CDs in the hospital, but was unable to find them.

2. The health system determined the CDs included patient information and were not password-protected.

3. The CDs contained patient names, birth dates, medical record or patient account numbers, service dates and lab results.

4. There were 4,938 individuals affected by the breach, according to HHS.

5. The health system changed its policy to require all backup information be stored in a secure location on the hospital's network. It also aims to eliminate the use of CDs for performing backup services.

More articles on cybersecurity:
Scammers posing as Spectrum Health employees are calling patients to steal their PHI, health system warns
Advocate Aurora reports breach after paper records left at former hospital: 3 details
The future of health data privacy: 6 things to know

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers