A recent incident compromising the privacy of user-protected health information has been reported by Virginia Commonwealth University Health System.
The institution revealed the confidential health information of almost 4,000 individuals for 16 years. According to VCU Health's research, the information was available to donors, and recipients as early as January 4, 2006.
There is no proof, according to VCU Health, that any information has been exploited. There were 4,441 donors and beneficiaries in total for this incidence.
On February 7, 2022, a data leak was discovered. On March 29 and May 27, 2022, additional details about the categories of data involved, were disclosed. The information which could be seen in the medical records of other transplant patients or donors included names, Social Security numbers, lab results, medical record numbers, and dates of service.
Customers who are notified have been reminded to keep an eye out for any fraudulent behavior by regularly monitoring their financial account statements. Individuals who may have had their Social Security data exposed have been provided free credit monitoring.
''Many health care systems are built in a way that sensitive data, such as SSNs, DOBs, or other PII/PHI, is either not shared at all, is at least hidden on the screen by default, and reading them requires additional step-up verification.'' The Synopsys Software Integrity Group's Ashutosh Rana, a senior security consultant, stated.
