Oklahoma health department notifies 47k after data breach

The Oklahoma Department of Human Services is notifying 47,000 clients of a data breach from 2016 in which an unauthorized source accessed their personal information, according to HHS' Office for Civil Rights Breach Portal.

However, a spokeswoman for the agency told Becker's Hospital Review 32,773 letters in total had been delivered. That's because this was the second notification letter sent about the same incident — DHS had neglected to notify HHS the first time.

An unauthorized user accessed a computer used for a state assessment at Poteau, Okla.-based Carl Albert State College in April 2016. The incident compromised names, addresses, dates of birth and Social Security numbers of current and former DHS Temporary Assistance for Needy Families clients.

The college was notified of the incident two weeks after, and it notified the Department of Homeland Security Office of Inspector General by May 2016. All affected TANF clients were initially mailed letters in August 2016. However, since DHS' responsibilities fall under HIPAA, HHS required the organization to distribute a second notice, which was mailed Nov. 30.

There has been no evidence that any data was downloaded from the college's computer server, and the college took immediate steps to secure the data as well as continue monitoring efforts after the breach.

More articles on cybersecurity:

Trend Micro: 6 cybersecurity predictions for 2018
OCR: 8 tips to ensure former employees don't leak PHI
NHS to spend $26M on security operations following WannaCry attack: 4 things to know

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months