Uncategorized

Lost Military Backup Tapes Results in HIPAA Violation Affecting 4.9 Million

onlinetech
onlinetech
3 Min Read

The most recent HIPAA violator appears to be a contractor for the Pentagon. TRICARE, the Defense Department’s healthcare program, reported what may be the largest health information breach documented in HIPAA history since the HITECH Act was established in 2009. Nearly 4.9 million patients of San Antonio area military hospitals and clinics have been affected by the loss of data backup tapes. These tapes contained an archive of sensitive information dating from Sept. 7, 2011, back to 1992.

The most recent HIPAA violator appears to be a contractor for the Pentagon. TRICARE, the Defense Department’s healthcare program, reported what may be the largest health information breach documented in HIPAA history since the HITECH Act was established in 2009. Nearly 4.9 million patients of San Antonio area military hospitals and clinics have been affected by the loss of data backup tapes. These tapes contained an archive of sensitive information dating from Sept. 7, 2011, back to 1992.

While an ongoing investigation takes place, the only details released include what kind of data lost (personally identifiable sensitive information and protected health information, including SSNs, names, addresses, clinical notes, lab tests and prescriptions), as well as the fact that the backup tapes were not encrypted. Although breaches of encrypted data do not have to be reported, it is still a recommended best practice for the minimum security to meet PCI and HIPAA compliance and protect patient data.

The exact cause of the loss has not been disclosed, and Vernon Guidry, a spokesman for Science Applications International (SAIC), the organization that reported the breach, has confirmed that it was “not an electronic breach” but “a loss of magnetic storage media.”

More Read

Health in a Networked Life
Server Hack Leads to HIPAA Violation by Utah Department of Health
How Personal Injury Lawsuits Can Affect Your Relationship
NIST Recommendations for Security in the Outsourced Cloud
HIPAA Compliance: What Is It, Why Is It Important, And How To Simplify It?

Cases such as these present an opportunity for lessons learned – always go with encryption when it comes to storing or transmitting sensitive data, and when outsourcing your offsite backup and data storage to an IT contractor, make sure they have HIPAA/HITECH regulated policies and procedures in place.

Get more information about policies, procedures and audits a HIPAA compliant data center should have in place, or watch our previously recorded HIPAA webinar to hear our guest speaker Attorney Tatiana Melnik explain the legal implications of HITECH/HIPAA.

Sources:
TRICARE Breach Affects 4.9 Million
Official TRICARE Data Breach Statement
Data Breach Exposes 4.9 Million TRICARE Patients

  

TAGGED:
Share This Article

Stay Connected

Latest News

Slips and falls can happen in the blink of an eye, often in spaces we believe to be safe. A brief moment of misstep
When a Simple Fall Becomes a Serious Health Concern
Health
How Setting Boundaries Helps Trauma Survivors Heal
Health
how to improve REM sleep
Unlock Better Sleep: How to Improve REM Sleep Naturally
Wellness
uv protection in winter
Winter Sun Safety: Why UV Protection Matters Year-Round
Health

You Might also Like