Posted on Sep 8th, 2017
Posted By TGSI
Healthcare organizations must guarantee that they have comprehensive and regularly updated administrative safeguards, such as user authentication procedures and proper access control with all healthcare facility. A failure to have these in place, or having outdated ones, could potentially lead to a data breach. This was proven in a recent Pennsylvania federal grand jury case, where a man was indicted on charges stemming from a healthcare hacking incident in 2013. A Texas man was indicted on Intentional Damage to a Protected Computer and Wire Fraud, and potentially faces a maximum total sentence of 30 years in prison, a fine of $500,000 or both, according to a Western District of Pennsylvania US Attorney’s Office statement.
“[Brandon A. Coughlin] intentionally hacked and damaged 13 servers operated by a local healthcare facility and engaged in a scheme to defraud that healthcare facility by using its purchase card to order merchandise from Staples,” the press release read. The facility hired Coughlin in January 2013 to work as an in-house computer systems administrator, although Coughlin resigned one month later at the management’s request.1
“Using the administrative passwords, he knew from his employment, on September 18, 2013, Coughlin hacked the computer network of the healthcare facility, disabled all administrative accounts needed to control any and all of the computer servers of the healthcare facility, and deleted users’ network shares, business data, and patient health information data, including patient medical records, causing a loss of more than $5,000.00,” the Attorney’s Office explained.1
Telegenisys has instituted physical, technical and administrative safeguards to ensure that its client’s data is safe from all unauthorized access. This includes all forms of medical records and electronic private health information. know more…