Jail Time and Multi-Million Dollar Fines Echo Around the Industry
Stay on top of the physical risks that threaten your organization with our Physical Security Breach Roundup. We bring you the most recent physical data breach and drug diversion announcements each month. If you want to learn more about what you can do to minimize the risk of your facility ending up on this list, we can help.
Texas Hospital Slammed with $4 Million Physical Data Breach Penalty
HIPAA violations can mean serious blows to a hospital’s bottom line, even in the case of physical breaches. Just last month, an Administrative Law Judge ruled that the University of Texas MD Anderson had violated their HIPAA responsibilities to the tune of $4,348,000. The incident involved the loss of two unencrypted thumb drives and the theft of an unencrypted laptop from a physician’s home. The circumstances were compounded by the fact that during the investigation the Office of Civil Rights (OCR) found that the hospital’s risk analysis had revealed high-risk status going back to 2006 due to its lack of device-level encryption. The hospital had not acted on its vulnerability during that time.
Jail Time for Worker Accused of Stealing 1,000 Patients’ Information
The Veterans Affairs Medical Center in Long Beach is left dealing with PR cleanup after an employee stole the personal information of more than 1,000 patients. Albert Torres was arrested after police officers noticed he was driving a personal vehicle on the campus with a commercial plate. After pulling him over, one of the officers found a pillbox in his glove compartments for which Torres didn’t have prescriptions. They also found data for 14 patients including names, dates of birth and Social Security Numbers. A search of his apartment turned up flash drives and hard drives with patient data as well as stolen cleaning supplies.
Pharmacy Tech Sentenced to 2.5 years in Federal Prison for Stealing Fentanyl From Patients
Victor Van Cleave, a pharmacy technician at Iowa Methodist Medical Center, has been sentenced to 2.5 years in federal prison after being accused of stealing fentanyl from patients. Van Cleave admitted to using a syringe to remove liquid medications from vials assigned to patients who were undergoing surgery or giving birth. Van Cleave then injected himself, replacing the liquid medications with sterile water and returning the tampered vials into storage. Staff unknowingly used the water to treat multiple patients, leaving them to suffer excruciating pain during their treatments.
Healthcare Leads the Pack in Hidden Cost of Data Breach List
It’s common knowledge that data breaches are expensive, but a recent study from IBM revealed that the costs might be even higher than assumed. “Hidden” factors like lost business, negative impact on organizational reputation, and employee time invested in recovery add to the damage that breaches can cause. The study, which, for the first time also calculated the cost of “mega breaches,” specifically calls out healthcare’s unique spot in the ranking of per-breach cost. This is the 8th year in a row that the healthcare industry topped the list at $408 per stolen or lost record, a number that comes in at almost three times the cross-industry average.
Access Control Highlighted in Advice to Simplify Data Security for Front-Line Hospital Employees
A recent survey by the University of Phoenix College of Health Professions revealed that front-line hospital employees, including RNs and administrative staffers, show lower levels of confidence in their ability to protect their patient data. To address this issue, Paubox founder CEO, Hoala Greevy first recommends only providing access to necessary information, a concept that only one-third of their respondents indicated having policies or training procedures around.
Is it time to step up your medication storage and data security practices? Senseon’s biometric and physical security offerings can be an integral part of any proactive facility’s PHI security and drug safety initiatives.
