« Disaster Recovery

Kaiser Permanente suffers from fourth data breach since 2009

Malware was installed into one server at Kaiser's research facilities in February, affecting more than 5,000 patients.
Malware was installed into one server at Kaiser's research facilities in February, affecting more than 5,000 patients.

Businesses have been working toward a paperless work environment, but every innovation has its limits. Electronic records are easier to update and access, but without the proper cyber security measures in place, the exposure is extremely dangerous.

Data breaches are seen as a breach in trust, which may result in a loss of revenue and clients in the near future. At Kaiser Permanente in California, the hospital network's research division issued a letter to affected patients about the malware incident. This makes it Kaiser Permanente's fourth data breach within a five year period, affecting thousands of patients.

"We have no indication that your information has been used for fraud or other criminal activity," Kaiser's letter reads. "We have found no evidence to date that the information on the server or connected to the server was ever actually opened, copied or used by any unauthorized persons."

The data breach occurred earlier this year in February and estimates show that information on more than 5,000 patients could be affected. Personal data placed at risk includes age, first and last name, gender, but other details like their address, ethnicity, lab results, medical record number, lab results and research questions could be included.

"We have confirmed that the infection was limited to this one compromised server, and that all other DOR servers were and are appropriately protected with anti-virus security measures," Tracy Lieu, MD, director of the division of research at Kaiser Permanente, told Healthcare IT News.

Cyber security is becoming a larger priority to organizations and business owners, but action after the incident is equally as important. It may not be enough to repair the server glitch, some customers would like to receive updates on the affected accounts. Business continuity consultants can help companies establish disaster recovery protocols.