The health and wellness services division of Washington State University in Seattle has faced a huge breach of protected health information, but the extent of the tragedy isn’t yet clear.
Local media, involving KUOW a National Public Radio station, have reported the breach affects 1 million people, but the HHS Office for Civil Rights, which enforces the HIPAA privacy and security rules, hasn’t publicly confirmed that number.
On the day of April 21, the Washington State University discovered that a hard drive was stolen from a locked safe. The hard drive held back-up files from a server utilized by the Social and Economic Sciences Research Center, which involved a health survey that collected PHI.
Breached data from the health and wellness services division covered data of sufferers of medical and dental clinics, vision clinics, behavioral health organizations and local pharmacies.
Compromised data included Social Security numbers, names and undisclosed personal health information. Entities giving the information included school districts and community colleges, along with other undisclosed customers.
Washington State University is providing affected individuals one year of credit monitoring and identity theft protection services. Notification letters were mailed on the day of June 9, and the university is inquiring individuals who believe they may have been affected and have not got a letter by June 30 to call a dedicated hot line.
“As president of Washington State University, I deeply regret that this tragedy occurred and am truly sorry for any concern it might cause our community,” Kirk H. Schulz claimed in the notification letters. He pledged to strengthen IT operations through a comprehensive assessment of IT practices and policies, as well as improving security awareness training of employees.
The university refused to give additional information on the incident.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment