Stay on top of the data and drug diversion risks that threaten your organization with Senseon’s Physical Security Breach Roundup. We bring you the most recent physical data breach and drug diversion announcements each month. If you want to learn more about what you can do to minimize the risk of your facility ending up on this list, we can help.
A judge has ruled that Flowers Hospital in Alabama must pay victims of a 2014 breach.
The judge recently approved a settlement between the hospital and 1,200 affected patients whose information was stolen from the hospital back in 2014. Flowers will pay the victims up to $150,000, with no punitive damages, and individual damages capped at $5,000.
The suit highlighted the hospital’s negligence in response to a deputy sheriff finding the records in a lab employee’s car during a traffic stop.
The employee later pleaded guilty to routinely taking files from the hospital and selling the information to people who then used it to complete fake income tax returns. With lawsuits filed by victims of breaches increasing, providers should take stories like this as a warning.
A laptop stolen from BCBS of Michigan has the organization scrambling to do damage control.
While the laptop itself was password-protected and encrypted, the employee’s access credentials may have been at risk of being compromised. BCBS is currently in the process of taking a new look at policies and procedures so they can implement new safeguards.
A Grand Rapids nursing facility finds itself doing a lot of explaining after one of their employees kept over 1,900 opioid tablets for herself.
The diversion occurred over a 2-year period. According to an investigation by the Minnesota Department of Health’s Office of Health Facility Complaints, other staff members were aware of the theft but failed to report any issues out of fear of retaliation by management and the employee themselves.
The facility, Majestic Pines Senior Living, is blaming the diversion on an employee manipulating the system in a way that was not easily detected. At the same time, senior special investigator, Darin Hatch, found that several family members had notified staff of concerns regarding missing medication.
Hatch found that staff members reported the employee creating an unnecessary “overflow area” in her office in a filing cabinet which no one else had access to.
A study out of the AJMC found that breaches were associated with a 64% increase in advertising expenditures in the 2 years after the breach.
The study included nonfederal acute care inpatient hospitals between 2011 and 2014 and concluded that the increased spending was due to efforts to manage the hospital’s image and minimize patient loss to competing facilities. It also highlighted the fact that the costs could be avoided through better data security.
Do any of these incidents sound familiar to you? Is it time to re-evaluate your physical security practices? Senseon’s multi-faceted physical security offerings can be an integral part of any proactive facility’s PHI security initiatives.