BOSTON (CBS) – South Shore Hospital has been hit with a $750,000 fine for allegations regarding a data breach that affected more than 800,000 people.
Back-up tapes containing individuals’ names, social security numbers, financial account numbers, and medical diagnoses were supposed to be erased at a facility in Texas, but two boxes full of those tapes were lost in the mail.
There have been no reports of the unauthorized use of the information.
The facility was never informed about what information was stored on the tapes and the hospital made no effort to make sure adequate safeguards were in place to protect the information, according to the Attorney General’s office.
“Hospitals and other entities that handle personal and protected health information have an obligation to properly protect this sensitive data, whether it is in paper or electronic form,” Attorney General Martha Coakley said in a statement.
The lawsuit is based on both federal and state law violations regarding safeguards, policies, and procedures to protect consumers’ information.
South Shore Hospital has agreed to undergo a review and audit of security measures along with the fine.
“The state’s review has been comprehensive and thorough,” Richard H. Aubut, South Shore Hospital president and chief executive officer said in a statement. “We appreciate that the Attorney General has recognized the steps we’ve taken to enhance our data-security systems and hope to be able to serve as a source of information about best practices for other health care providers.”