Skagit County in Washington state has agreed to a settlement of $215,000 following a 2011 breach of residents' protected health information, according to a report in the Seattle Times.
The breach occurred when payment receipts for healthcare services were inadvertently moved onto a public server and became accessible to search engines. The receipts contained patients' names as well as information about the services they received. The breach was discovered when one of the affected patients notified the state's Public Health Department she discovered her own receipt through a Google search. The information was promptly moved off the public server, and the department updated its security procedures and re-educated staff members, according to the report.
In addition to the monetary settlement, the county has also agreed to allow HHS to monitor its security and privacy practices to help prevent future incidents, according to the report.
More Articles on Data Breaches:
Patients Notified of Potential Data Breach After Laptop Stolen at Texas Physician's Office
Data Governance: Can Healthcare Organizations Afford Not To Govern Their Data?
UnitedHealth, 2 Hospitals Launch Investigation After Thousands of Patients' Information Sent to Oregon Man