BreachExchange mailing list archives
Hospital Fined $250,000 For Not Reporting Data Breach
From: security curmudgeon <jericho () attrition org>
Date: Thu, 9 Sep 2010 13:33:13 -0500 (CDT)
http://www.healthleadersmedia.com/page-1/TEC-256217/Hospital-Fined-250000-For-Not-Reporting-Data-Breach Hospital Fined $250,000 For Not Reporting Data Breach Cheryl Clark, for HealthLeaders Media, September 9, 2010 Lucile Salter Packard Children's Hospital at Stanford University $250,000 by California health officials for failing to report a patient records breach as of April 23, apparently linked to the theft of a hospital computer. Under state law, that amount is the maximum fine allowed for failing to report an adverse event, according to spokesman for the California Department of Public Health, Ralph Montano. The penalty is assessed at the rate of $100 for every day of delayed reporting for each patient medical record that was breached, he said. These failures to notify monetary penalties and the breach fines are unique in the country, according to officials for the National Academy for State Health Policy. So far, state health officials have issued more than $1.8 million in fines against 143 hospitals that failed to report an adverse event such as a breach of a medical record, a wrong-site surgery or a foreign object left inside a surgical patient. Montano could not say how many patients' records were breached at the Palo Alto children's facility or for how long and could not, as of late Wednesday, produce the state deficiency report that had been issued on this breach. It is unclear how the state discovered the breach or the lapsed reporting of the incident. [..] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Hospital Fined $250,000 For Not Reporting Data Breach security curmudgeon (Sep 10)