PHI Exposed After E-Mail Breach at Mental Health/Substance Abuse Provider
When it comes to securing a patient’s protected health information, mental health and addiction treatment providers have to take greater precaution due to the especially sensitive nature of the data that is handled. Illegal drug users are not protected under anti-discrimination laws meaning that a data breach puts their personal lives at risk of many negative impacts. Unfortunately, many mental health institutions lack the means to properly protect themselves and their patients from a breach and so they have become prime targets for hackers.
Sound Community Services Inc., a New London, Connecticut based non-profit for mental health and substance abuse disorders, recently discovered an email hack involving the PHI of patients. Most email related hacks are caused by phishing attacks, the use of weak or the same passwords across multiple accounts, or the sharing of user credentials. An investigation was launched immediately when suspicious activity was noticed on the email account containing the PHI of 1,278 patients.
Although there was no evidence that this information was misused or accessed by the unauthorized hacker, the sheer volume of patients whose data was potentially put at risk by something as commonplace as email is still concerning. It demonstrates that breaches can occur with some of the most commonly used tools and how taking preventative measures is better than waiting for a breach to happen to take action.
Read the entire article here, PHI Exposed After E-Mail Breach at Mental Health/Substance Abuse Provider — Communication Matters
via the fine folks at Lua Messaging