CHS settles patient data breach for $5M

Five details:.

Franklin, Tenn.-based Community Health Systems has actually concurred to pay $5 million to settle a 2014 information breach that affected about 6.1 million patients, according to an Oct. 8 Iowa justice department news release.

Jackie Drees –
Thursday, October 8th, 2020
Print|Email.

1. In August 2014, a cyberhacking group acquired access to CHS company associate services entitys information system and stole the safeguarded health information of 6.1 million patients.

2. At the time of the breach, CHS owned, rented or operated 206 affiliated medical facilities. Client details exposed as an outcome of the incident consisted of names, Social Security birthdates, addresses and numbers.

3. The CHS associate, called CHSPSC, accepted pay the Office for Civil Rights $2.3 million to settle the HIPAA breach, according to a Sept. 24 news release. OCRs investigation discovered that the business failed to perform a danger analysis and execute gain access to controls.

4. The Oct. 8 judgment needs CHS to pay $5 million to 28 states getting involved in the settlement. Those states are: Alaska, Arkansas, Connecticut, Florida, Illinois, Indiana, Iowa, Kentucky, Louisiana, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, Nevada, New Jersey, North Carolina, Ohio, Oregon, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas, Utah, Vermont, Washington, and West Virginia.

5. In addition to the financial settlement, CHS likewise accepted execute a brand-new info security program with a written event reaction strategy, security awareness and privacy training for all staff members who have access to secured health info and develop brand-new policies for business partners.

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by click on this link.

The CHS associate, named CHSPSC, concurred to pay the Office for Civil Rights $2.3 million to settle the HIPAA breach, according to a Sept. 24 news release. The Oct. 8 judgment requires CHS to pay $5 million to 28 states participating in the settlement. Those states are: Alaska, Arkansas, Connecticut, Florida, Illinois, Indiana, Iowa, Kentucky, Louisiana, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, Nevada, New Jersey, North Carolina, Ohio, Oregon, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas, Utah, Vermont, Washington, and West Virginia.

Client details exposed as a result of the occurrence included names, Social Security numbers, birthdates and addresses.

More short articles on cybersecurity: AdventHealth Orlando information event affects information of 1,514 individualsOCR settles HIPAA Right of Access case with Dignity Health for $160KRansomware attacks in healthcare doubled in Q3.