Any breach that involves healthcare data is going to cost the company a pretty penny in cleanup and fines.
Service providers can be a source of data breach risk and an incident like this will be very expensive for every organization involved.
This will be an expensive employee mistake (and training failure) once regulators get finished with penalties for this incident.
Teaching employees to make good, strong passwords and handle them safely with security awareness training prevents problems like this.
Healthcare providers in the US don’t just have to worry about the standard expenses of a data breach, they face big regulatory penalties too..