HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

Data Breach: How Much Will One Cost You?

March 6, 2012

The going rate for a compromised medical record seems to be $1000 (well, at least that's the asking price) as seen in papers filed in the eleven class action lawsuits against Sutter Health following the theft of a desktop computer last fall.  The computer contained unencrypted protected health information on about 4.24 million members.  The eleven class action suits are likely to be consolidated for ease of handling by the courts.

For an outfit whose most recently reported year-end financials show just under $900 million in income on just over $9 billion in revenue, a $4.24 billion claim certainly qualifies as a big deal.  The data breach claims against Sutter Health were filed last year following its self-reporting of the computer theft, and are in the news again due to the potential consolidation.

The company had reportedly begun to encrypt its data last year, starting with more vulnerable mobile devices, and moving on to desktop computers, but had not gotten to the desktop in question by the time of the breach.  It remains to be seen how these facts end up affecting the final damages awarded in this case.

The takeaway for other covered entities and business associates out there: If the OCR HIPAA audits aren't enough of a motivation to get cracking with beefed-up data privacy and security protections, the potential exposure of Sutter Health in this class action suit should be reason enough to get started on this work as soon as possible, and to make it a high priority. Suits like these may be grounded both in state law and in indirect theories flowing from HIPAA/HITECH breaches (since there is no private right of action under HIPAA). The exposure is there, and a number's been put out there to quantify it. However expensive and inconvenient data encryption and other privacy and security measures may be, they are surely worth avoiding $1,000-a-head lawsuits and months of negative publicity.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting
 
 

Filed Under: Health care policy, Health Law, HIPAA, HIT, Privacy

you might also like:

  1. Massive data breach. Time for sports analogies?

  2. Data Breach Analysis 2009-2012 – HITECH Experience Reviewed by HITRUST

  3. Lessons from the Anthem breach

« First lawsuit filed against a Business Associate under HIPAA / HITECH
HealthCare SocialMedia Review – A New Blog Carnival – To Launch In April »

Follow me on Twitter

David Harlow 💉😷 Follow 42,915 17,570

Mastodon @healthblawg@c.im #HealthCare #MedDevice #Compliance #Privacy @MyOmnipod #HIPAA #digitalhealth #HarlowOnHC #pinksocks Tweets are tweets No more no less

healthblawg
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
2h 1620898131004072027

The Harlow #Healthcare #Innovation Daily #digitalhealth #hcldr #HarlowOnHC Thanks to @Mr_Don_Auto @KardonHIPAA @vadernauts #digitalhealth #healthtech

Image for twitter card

'She handed the police my entire prescription list': Customer claims CVS called the police on him, violated HIPAA

dailydot.com A TikToker revealed a CVS Pharmacy pharmacist called him “insane” and reported him to police ...

paper.li

Reply on Twitter 1620898131004072027 Retweet on Twitter 1620898131004072027 0 Like on Twitter 1620898131004072027 0 Twitter 1620898131004072027
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
5h 1620842034113175552

ICYMI> Interoperability and NLP with Kyle Silvestro, CEO of SyTrue — Harlow On Healthcare https://healthblawg.com/2022/03/interoperability-nlp-sytrue.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #hitsm

Image for the Tweet beginning: ICYMI>  Interoperability and NLP Twitter feed image.
Reply on Twitter 1620842034113175552 Retweet on Twitter 1620842034113175552 0 Like on Twitter 1620842034113175552 0 Twitter 1620842034113175552
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
8h 1620801819612946434

The latest Harlow On Health Care Daily #HarlowOnHC #digitalhealth #healthcare #innovation #privacy #hcldr Thx: @TWDigitalHealth @MrsYisWhy @thecommunityvc #digitalhealth #healthtech

Image for twitter card

Artificial intelligence model finds potential drug molecules a thousand times faster

techxplore.com The entirety of the known universe is teeming with an infinite number of molecules. But what fraction...

paper.li

Reply on Twitter 1620801819612946434 Retweet on Twitter 1620801819612946434 0 Like on Twitter 1620801819612946434 0 Twitter 1620801819612946434
Load More
Follow me on Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2023
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]