Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Vendor sacked for HIPAA breach blunder

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 2 May 2014 10:09:49 +0000 (UTC)
http://www.healthcareitnews.com/news/vendor-sacked-after-HIPAA-breach-blunder

By Erin McCann
Associate Editor
Healthcare IT News
May 1, 2014
Can a subcontractor expect to keep the job after accidentally posting protected health information of some 15,000 patients online? A Boston teaching hospital says, 'definitely not.'
The 496-bed Boston Medical Center in Massachusetts has fired third-party vendor MDF Transcription after hospital officials discovered the company posted health records and demographic data of 15,000 patients to the vendor's website with no password protection.
"As a result, the notes could have potentially been accessed by non-authorized individuals," BMC spokesperson Jenny Eriksen Leary wrote to Healthcare IT News.
When asked how long the information had been posted publicly online, Eriksen Leary said hospital officials are not sure, but they are currently working with MDF to determine that information. The hospital has been working with MDF Transcription for 10 years. 

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
Previous By Date Next
Previous By Thread Next

Current thread: