The breach occurred when payment receipts for healthcare services were inadvertently moved onto a public server and became accessible to search engines. The receipts contained patients’ names as well as information about the services they received. The breach was discovered when one of the affected patients notified the state’s Public Health Department she discovered her own receipt through a Google search. The information was promptly moved off the public server, and the department updated its security procedures and re-educated staff members, according to the report.
In addition to the monetary settlement, the county has also agreed to allow HHS to monitor its security and privacy practices to help prevent future incidents, according to the report.
More Articles on Data Breaches:
Patients Notified of Potential Data Breach After Laptop Stolen at Texas Physician’s Office
Data Governance: Can Healthcare Organizations Afford Not To Govern Their Data?
UnitedHealth, 2 Hospitals Launch Investigation After Thousands of Patients’ Information Sent to Oregon Man
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
