614-322-2222 or 877-770-8324

Healthcare Data Breach in Milwaukee

Mar

13

Healthcare Data Breach in Milwaukee

 

Another health care data breach was just reported this week, this time it was Milwaukee City employees who were the victims. The breach happened after a Dynacare employee’s car was stolen. In the car was the employees’ purse that had a flash drive in it containing personal health care information (PHI) the Milwaukee Journal Sentinel reports.

The city handed the data over to Froedtert Health, a public health organization. Foredtert Health then passed the data along to Dynacare who they have their clinical laboratory needs contracted out to. The stolen flash drive contained the names, addresses, DOB, genders and social security numbers of 6,000 employees, as well as an additional 3,000 spouse/partners names. The data was stolen on October 22 and was not reported by Dynacare to the city until November 15th. Apparently they reported the breach to Health and Human services prior to the city, but the city is still very upset at the late notice. What is most concerning is that fact that the data was given to Froedtert encrypted, but it was not encrypted as it changed hands down the line.

Being that this breach was just reported it is still unknown just how bad this could turn out and how much it will end up costing the involved parties. In our blog last week, University Health was responsible for providing credit monitoring and identity theft for one year to those individuals whose data was lost. Providing this service is pretty commonplace, it is safe to assume that they will responsible for providing similar services at the very least. Costs can add up quickly, so there is a strong possibility that they will be on the hook for more.

This is simply another case of not having a proper procedure from beginning to end. While the data did not walk off from the facility, it might as well have. There needs to be a strict process in place that all vendors and third party business associates need to follow. This process needs to be enforced and adhered to every step of the way. It doesn’t matter who is the most responsible for the breach, all parties involved are responsible in the end, and it’s their patients that are taking a hit.



  • Providing complete “Cradle to Grave” data eradication solutions, sound experience, industry best practices and resources to support you.


  • About An Industry Leader

    TechR2 is the only company in the industry that has earned a US patent for its Track-Contain-Destroy-Verify data security process, is OEM approved, upholds critical ISO certifications, and is recognized for compliance with GDPR, NIST and all governmental regulations concerning data destruction, including ISO 27001, ISO 14001, ISO 9001, and ISO 45001.


  • Why risk it? Get started today!
    Call 614-322-2222 or use this form.