Information Security News mailing list archives
Vendor sacked for HIPAA breach blunder
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 2 May 2014 10:09:49 +0000 (UTC)
http://www.healthcareitnews.com/news/vendor-sacked-after-HIPAA-breach-blunder By Erin McCann Associate Editor Healthcare IT News May 1, 2014Can a subcontractor expect to keep the job after accidentally posting protected health information of some 15,000 patients online? A Boston teaching hospital says, 'definitely not.'
The 496-bed Boston Medical Center in Massachusetts has fired third-party vendor MDF Transcription after hospital officials discovered the company posted health records and demographic data of 15,000 patients to the vendor's website with no password protection.
"As a result, the notes could have potentially been accessed by non-authorized individuals," BMC spokesperson Jenny Eriksen Leary wrote to Healthcare IT News.
When asked how long the information had been posted publicly online, Eriksen Leary said hospital officials are not sure, but they are currently working with MDF to determine that information. The hospital has been working with MDF Transcription for 10 years.
[...] -- Subscribe to InfoSec News http://www.infosecnews.org/subscribe-to-infosec-news/
Current thread:
- Vendor sacked for HIPAA breach blunder InfoSec News (May 02)