Western Health Screening, which gives onsite blood screening services at health fairs across the region of Colorado Western Slope, is providing 15,326 affected people protective services following a data breach.
Much of the at-risk patient information isn’t largely sensitive—data on the drive included names, addresses and phone numbers, but few Social Security numbers also might have been compromised, claimed the healthcare agency.
The breach happened when a car owned by Western Health Screening was stolen; a flash drive with the protected health information was in the car. The drive was password protected but not encrypted; it hasn’t been recovered.
Data on the flash drive can be accessed merely by using a unique password, and to date, there is no proof of data misuse, in accordance to Western Health Screening.
Still, the agency is offering 3 tiers of protective services from Kroll to affected people. The services being administered by Kroll involve credit monitoring, identity theft restoration and fraud consultation, a service that other healthcare agencies have rarely provided after a breach tragedy.
Western Health Screening didn’t respond to a request for data on the decision-making process they followed in making protective services to affected people.
Robert Belfort, a HIPAA attorney at the law firm Manatt, Phelps & Phillips, points out that if Social Security numbers were potentially compromised, the offer of multiple protections doesn’t seem like overkill. “If SSNs weren’t involved, the offer would appear to be very generous, however in my experience, there is a broad variation in how healthcare agencies treat these matters,” he adds.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment