Colorado assisted living facility fined for cyber breach

Broomfield (Colo.) Skilled Nursing and Rehabilitation Center settled with the state attorney general's office and agreed to pay a fine of up to $60,000 after a cyberattack exposed private information about thousands of patients and employees, CBS News reported Sept. 24.

The 210-bed assisted living facility, now known as Adara Living, discovered two employee emails had been compromised in March 2021. Tens of thousands of emails in those accounts contained personal, financial and medical data dating back to 2016. 

The attorney general's office alleged the facility did not have a paper or electronic data disposal policy in place and accused it of waiting months before notifying affected patients, instead of notifying them within 30 days as required by law.

In the settlement, Broomfield agreed to pay between $35,000 and $60,000, to develop a disposal policy and an incident response plan, to update its information security system and to review the safeguards annually and submit compliance reports.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars