Joint Commission

9,900 patient data breach at Holy Cross Hospital

September 3rd, 2013

Holy Cross Hospital in Fort Lauderdale, Florida had sent a notice to 9,900-patients about a data breach that occurred between November 2011 and August 2013.

Holy Cross is accredited by the Joint Commission and was the first hospital in Broward County to be designated as a Magnet Hospital by the American Nurses Credentialing Center.

Patient names, dates of birth, addresses and Social Security Numbers were accessed by a Holy Cross Hospital employee. A hospital investigation found that the employee intended to use the information for fake tax return purposes. “The employee was terminated, and efforts are underway to prosecute this individual to the fullest extent possible. Holy Cross Hospital takes this issue very seriously. Although evidence does not indicate that the patient information was used for other forms of identity theft and fraud, all patients affected by this incident have been notified by mail and are being offered free credit monitoring services.” the hospital said in a statement.

The employee who stole the data was fired by the hospital and said it wants him to face criminal prosecution. It also arranged a dedicated call center for affected patients who had questions regarding this data breach incident. It was hard to make out from the reports how the records were accessed, whether they were on paper or electronic, what rules the organization had in place to prevent this type of breach and how it plans to avoid similar incidents in the future.

Healthcare organizations need to act as their own watchdogs, so to speak, to protect their patients and themselves from the dangers of a data breach. Getting all the laptops and systems encrypted will also help them protect their data.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta