"More than IT"          951-732-7401     Subscribe to Cyber Security Bulletin

The California attorney general's office has smacked Cottage Health System, which operates five hospitals in the Santa Barbara area, with a $2 million settlement in the wake of breaches in 2013 and 2015 that exposed data on about 55,000 patients. The settlement offers a critical reminder of the importance of implementing safeguards to protect patient data from exposure on the Internet.

"Numerous basic information security practices appear to have been neglected or violated at Cottage Health," says security and privacy expert Kate Borten of The Marblehead Group consultancy. "In these times, even the smallest providers should understand and follow reasonable practices or contract with a reliable IT security vendor. There's no excuse for these types of breaches any more."

The hefty penalty imposed in the case also is an example of the enforcement power that state attorneys general can exercise, regardless of whether federal HIPAA enforcers take action.

For more information

Source: https://www.healthcareinfosecurity.com/health-data-breaches-lead-to-2-million-california-penalty-a-10480