Protected health information for over 32,000 compromised by vendor firewall blunder.
The following is a perfect example of why detection should be in real time!
Officials released a statement Thursday about an incident which compromised the protected health information of over 32,000 patients in 48 states all due to the failure of a health IT vendor’s firewall. Some data was even allowed to be indexed by Google during the month-long lapse in firewall protection.
Cogent Healthcare used software vendor M2ComSys to store protected health information. Although the healthcare company believed the site to be secure, M2’s firewall was down for over a month before they discovered the lack of security. PHI such as patient names, physician names, birth dates, medical history, and medical record numbers were all compromised.
Cogent Healthcare released a notice saying, “Our organization takes information security and patient privacy very seriously. We deeply regret this situation and any inconvenience this may cause our hospital partners and their patients.” Immediately following the breech, Cogent Healthcare terminated its relationship with M2ComSys and is currently confirming the removal of all PHI from Google’s files.
Our Event Log Management software works to prevent situations like this one from occurring by monitoring security risks in real time! Check out our ELM System!
Original article by Erin McCann.
Read the full story here.