Big Security Blot for Cottage Health
Protected health information for about 32,500 patients of Cottage Health System could have been exposed on the Internet for up to four years.
Protected health information for about 32,500 patients of Cottage Health System could have been exposed on the Internet for up to four years.
The Santa Barbara, Calif.-based delivery system is offering affected patients--treated at four hospitals--identity restoration services from ID Experts if any of the information is misused. Cottage Health on Dec. 2 discovered that a third-party vendor appeared to have removed electronic security protections from one of its servers without informing Cottage, resulting in the exposure of certain information stored on the server, according to an statement from the organization.
Patients being notified were treated at the affected hospitals between Sept. 29, 2009 and Dec. 2, 2013. Cottage Health has no evidence the exposed information was used in any way. Compromised data included name, address, date of birth, and limited clinical information for some of the patients. Social Security numbers, financial information and drivers license numbers were not on the server.
The delivery system immediately removed the server from service and is auditing its security protocols.
The Santa Barbara, Calif.-based delivery system is offering affected patients--treated at four hospitals--identity restoration services from ID Experts if any of the information is misused. Cottage Health on Dec. 2 discovered that a third-party vendor appeared to have removed electronic security protections from one of its servers without informing Cottage, resulting in the exposure of certain information stored on the server, according to an statement from the organization.
Patients being notified were treated at the affected hospitals between Sept. 29, 2009 and Dec. 2, 2013. Cottage Health has no evidence the exposed information was used in any way. Compromised data included name, address, date of birth, and limited clinical information for some of the patients. Social Security numbers, financial information and drivers license numbers were not on the server.
The delivery system immediately removed the server from service and is auditing its security protocols.
More for you
Loading data for hdm_tax_topic #reducing-cost...