A business associate for a South Carolina cardiology practice caused a data breach when some patient’s personal information was inappropriately downloaded onto a flash drive.
The business associate, a leader in remote monitoring of cardiac patients, discovered that one of its employees had downloaded data including a range of demographic information such as patient names, birth dates, addresses, diagnoses and physician names, shortly before his employment ended.
Financial and insurance information was not accessed; although one patient’s Social Security number was downloaded, the cardiology practice said.
The flash drive misuse was uncovered by the business associate after police gave the company two storage drives that the former employee turned over to them after his departure from the company. A detailed forensic review revealed that patient information had been downloaded.
Law enforcement says they did not have any indication that the personal data had been misused.
Still, about one-fifth of the patients treated at Carolina Cardiology Consultants, will receive one year of identity protection and recovery services because of the breach.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.