Uncategorized

Lost Military Backup Tapes Results in HIPAA Violation Affecting 4.9 Million

onlinetech
onlinetech
3 Min Read

The most recent HIPAA violator appears to be a contractor for the Pentagon. TRICARE, the Defense Department’s healthcare program, reported what may be the largest health information breach documented in HIPAA history since the HITECH Act was established in 2009. Nearly 4.9 million patients of San Antonio area military hospitals and clinics have been affected by the loss of data backup tapes. These tapes contained an archive of sensitive information dating from Sept. 7, 2011, back to 1992.

The most recent HIPAA violator appears to be a contractor for the Pentagon. TRICARE, the Defense Department’s healthcare program, reported what may be the largest health information breach documented in HIPAA history since the HITECH Act was established in 2009. Nearly 4.9 million patients of San Antonio area military hospitals and clinics have been affected by the loss of data backup tapes. These tapes contained an archive of sensitive information dating from Sept. 7, 2011, back to 1992.

While an ongoing investigation takes place, the only details released include what kind of data lost (personally identifiable sensitive information and protected health information, including SSNs, names, addresses, clinical notes, lab tests and prescriptions), as well as the fact that the backup tapes were not encrypted. Although breaches of encrypted data do not have to be reported, it is still a recommended best practice for the minimum security to meet PCI and HIPAA compliance and protect patient data.

The exact cause of the loss has not been disclosed, and Vernon Guidry, a spokesman for Science Applications International (SAIC), the organization that reported the breach, has confirmed that it was “not an electronic breach” but “a loss of magnetic storage media.”

More Read

How Does Email Help You As A Doctor?
Breaking News: HHS Proposes 1 Year Delay to ICD-10
Healthcare Cloud Definitions Should Be Based on NIST’s Definitions
Interview/Podcast: Tim Fowler Discusses Bluetooth®-Low-Energy Enabled iPhone M-Health App Pt.2
How Experienced Physicians are Transitioning to Electronic Medical Records

Cases such as these present an opportunity for lessons learned – always go with encryption when it comes to storing or transmitting sensitive data, and when outsourcing your offsite backup and data storage to an IT contractor, make sure they have HIPAA/HITECH regulated policies and procedures in place.

Get more information about policies, procedures and audits a HIPAA compliant data center should have in place, or watch our previously recorded HIPAA webinar to hear our guest speaker Attorney Tatiana Melnik explain the legal implications of HITECH/HIPAA.

Sources:
TRICARE Breach Affects 4.9 Million
Official TRICARE Data Breach Statement
Data Breach Exposes 4.9 Million TRICARE Patients

  

TAGGED:
Share This Article

Stay Connected

Latest News

travel nurse in north carolina
Balancing Speed and Scope: Choosing the Nursing Degree That Fits Your Goals
Nursing
intimacy
How to Keep Intimacy Comfortable as You Age
Relationship and Lifestyle Senior Care
engineer fitting prosthetic arm
How Social Security Disability Shapes Access to Care and Everyday Health
Health care
a woman explaining the document
How a DUI Lawyer Can Help When Your Future Health Feels Uncertain
Public Health

You Might also Like