[Dataloss] Oregon: Attorney General settles with Providence over data breach
Dissent
Dissent at pogowasright.org
Tue Sep 26 19:24:51 EDT 2006
http://www.kgw.com/business/stories/kg_w092606_health_providence_settlement.1cafd2ec.html
Providence Health System and state Attorney General Hardy Myers filed
a settlement agreement Tuesday over a data breach at the health system.
In December 2005, backup tapes and computer disks with personal
information on 365,000 patients were stolen from a Providence
employee's car. The data was not encrypted.
The attorney general's office said it had no confirmed reports of
identity theft associated with the case.
As part of the settlement, Providence will continue to provide free
credit monitoring services for patients who may have been affected.
It will also provide credit restoration to any patients who become a
victim of identity theft. The company must increase its security
programs and also pay patients for any direct financial losses
related to the breach.
The settlement brings the nine-month investigation to an end. Myer's
office said the case is the largest data breach ever reported in Oregon.
More information about the Dataloss
mailing list