Hospital Stops Unencrypted Data Transfer to 3rd Party

Hospital Stops Unencrypted Data Transfer to 3rd Party

Problem corrected before criminals found it and took advantage

A hospital figured out that it was sending unencrypted data over the internet before it was too late.

A hospital organization had a problem with unencrypted patient data being transferred online to a third-party medical record storage company.

A newly acquired clinic was using an outdated virtual desktop image to send patient data to a third-party vendor. By using the old image, the clinic unknowingly sent the data without encryption over the internet. That type of event could have led to a HIPAA violation ($408/record), and worse yet, unauthorized disclosure to cybercriminals.

Fortunately, the hospital had recently signed on for Critical Insight Managed Detection and Response.

A SOC analyst saw the problem and quickly flagged it, calling the contact at the hospital. The hospital was able to quickly fix the problem before it was detected by criminals, eliminating the exposure.

Quote icon

Should a breach occur after an acquisition or merger, the newly integrated organization’s risks are significant. Fines for compromised patient records, lost revenue from the damage to the company’s reputation, and increased oversight from regulatory bodies are all bad outcomes that are avoidable.

Fred Langston
EVP of Professional Services and Healthcare Security

Critical Insight contact background

Talk to one of our cybersecurity experts

245 4th St Ste 405Bremerton, WA 98337

Looking for careers?

View all job openings

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.