In May, Kalispell Regional Hospital experienced a data breach, compromising as many as 130,000 patients' personal data.
"Hackers used fraudulent emails to bait employees into providing login credentials."
Hackers frequently target healthcare facilities with Phishing attacks to gain access to their systems. Once in, they can initiate ransomware and data theft attacks.
“KRH failed to ensure that its employees were adequately trained on even the most basic of cybersecurity protocols.”
The plaintiff alleges that proper cyber security training and protocols "would have prevented the data breach, or at least detected the breach much earlier.” Further, the complaint states that "KRH had the resources necessary to prevent a breach, but neglected to adequately invest in data security.”
“We have an expectation of privacy” and there should be “consequences when that expectation is violated,” [plaintiff] said.
Under Montana's Civil Code, plaintiffs could recover as much as $5,00o each in a successful lawsuit. With 130,000 records in question, the potential liability swells past a half billion dollars!
Are you a healthcare IT or security manager in need of implementing a Security Awareness Training program?
Click here to find out how to start today with INFIMA's fully-automated platform.
Original article here.
Join the newsletter to receive the latest updates in your inbox.