HIPAA Business Associate Data Breach Affects 21,856 People

The significance of checking system activity records has been highlighted by the latest HIPAA BA data breach.

Nebraska-centered CBS Consolidated Inc., DBA Cornerstone Business & Management Solutions, carried out a usual check of system records on July 10, 2017 and found out an unusual account on the computer network. A closer check of that account disclosed it was being utilized to copy confidential files from the computer network, including the PHI of patients who used its medical goods.

21,856 patients who got durable medical goods from the business by way of their Medicare treatment have possibly been impacted. The kinds of information got by the hacker contained names, dates of birth, insurance details, addresses, and Social Security numbers. Although private information was disclosed, the hacker was unable to get particulars of any medical disorders experienced by patients, nor particulars of any items bought or fiscal info.

It is presently not clear how the report was generated, even though an inquiry into the incident is continuing. CBS says after the detection of illegal access, the computer network was detached and access to files was stopped. Since the happening was exposed, CBS has been cautiously checking its methods and has found no additional proof of illegal access or data thievery.

Because of the confidential nature of data stolen by the hacker, all people affected by the breach have been provided 12 months of credit checking and identity thievery protection facilities free of charge. CBS is also revising its safety defenses and will be launching new administrative protections, providing extra training to employees on safety, and expanding technical protections to avoid future cases from happening.

This is the second gravest data breach informed by a HIPAA business associate thus far in 2017, after the 56,000-record breach informed by Enterprise Services LLC during June.