University of Connecticut data breach caused by single employee
Comprehensive security systems are essential for companies of all sizes, especially as technology continues to evolve and organizations are more reliant on digital storage. However, business continuity plans must account for employee education. If workers do not understand the impact that their actions can have, it can cause devastating safety and security issues.
The University of Connecticut Health Center alerted patients that a former employee had breached 1,400 patient records. Specifically, the former worker accessed names, addresses, dates of birth, some Social Security numbers and other health data on January 7, according to CBS News.
The Health Center released a statement saying that the data has not been misused yet and that the employee in question should not have been able to obtain the sensitive information.
Iris Mauriello, the Health Center's privacy officer, said in the release that the organization sincerely regrets any inconvenience the incident may have caused patients.
"The actions of one person do not define the integrity of our entire workforce and all of our collective efforts to ensure the privacy of health records," she said. "Our patients rely on each of us to ensure safe and responsible use of the information with which we have been entrusted. We take that very seriously."
NBCConnecticut.com reported that prospective employees will now be required to go through training on patient privacy, and current team members will have ongoing training. Two years worth of free credit monitoring and identity theft insurance are being offered to affected patients as well.
While one incident does not necessarily define an entire organization, companies do not want to take the risk of ruining their reputation. Customers – or in this case patients – should be able to rely on a business. However, when data breaches do occur, a comprehensive business continuity plan can help guarantee quick business resumption.