Risk to Business: 1.575 = Severe
Kentucky-based UofL Health has notified more than 40,000 patients of an employee blunder that resulted in their personal health information being emailed to the wrong address. In this case, a UofL employee accidentally sent personal health information from UofL patients to an email address outside of the health system’s network. According to UofL, the accidental recipient of the data did not view or access any patient information.
Risk to Business: 1.502 = Severe
Patients whose data was impacted by the incident have been offered free identity protection services. No specifics about what exact data was accessed have been released beyond personal health information. is primarily treatment-focused like diagnoses, lab and treatment information, medication information and health insurance identification.
Customers Impacted: 40,000
How it Could Affect Your Customers’ Business: Employee errors that impact compliance in a heavily regulated industry pack a punch after regulators get to work.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.