Franciscan Health Data Breach Exposes 2,200 Patients Medical Records
Exploit: Unauthorized network access Franciscan Health: Healthcare system offering services in Indiana and Illinois
Risk to Small Business: 1.777 = Severe: A rogue employee accessed extensive medical records pertaining to physicians, diagnosis, lab results, medications, and other treatment-related information. Although the employee worked in the company’s quality research department, he had no business-related reason for accessing this private health data. Fortunately, the company quickly identified the privacy breach and took action against the employee. However, they will now have to contend with the cost of providing identity theft protection services to those impacted by the breach, along with the less quantifiable reputational losses that accompany a data breach
Individual Risk:1.8571 = Severe: Currently, there is no indication that the rogue employee downloaded or shared any personally identifiable information. However, the employee did have access to sensitive data, including patients’ names, email addresses, dates of birth, phone numbers, gender, race, partial social security numbers, and medical record numbers. Those impacted by the breach should review and monitor their financial accounts and their benefits statements for suspicious activity.
Customers Impacted: 2,200 How it Could Affect Your Customers’ Business: A company’s workforce can be one of the most significant sources of cybersecurity risk, but any organization has the ability to transform their staff into the strong defense against a data breach. With the right awareness training, employees can learn to spot cybersecurity threats proactively by learning industry-wide best practices. As the costs associated with data breaches continue to grow incredibly steep, such training is becoming a relative bargain.