The Security Incident
A phishing attack between April-June 2019 compromised eight employee email accounts at Solara Medical Supplies, exposing sensitive data of 114,000+ individuals.
Impact and Information Exposed
- Names
- Social Security numbers
- Bank details
- Patient login credentials
- Medical diagnoses
- Contact information
Investigation Findings
HHS Office for Civil Rights discovered multiple HIPAA violations:
- Inadequate risk assessment
- Delayed breach notifications
- Failed media reporting requirements
Settlement Details
Solara agreed to a $3M payment and must implement:
- Enterprise-wide risk analysis
- Equipment and data storage inventory
- HHS-approved risk methodology
- Updated security policies
- Comprehensive staff training
Expert Commentary
OCR Director emphasizes rising cybersecurity threats and urges healthcare organizations to strengthen information security measures.
Discover the latest Provider news updates with a single click. Follow DistilINFO HospitalIT and stay ahead with updates. Join our community today!
Leave a Reply