- HIPAA Update - http://blogs.hcpro.com/hipaa -

Clay County Hospital PHI held for ransom

securitycomputer [1]Clay County Hospital in Flora, Illinois, received an anonymous email November 2 from someone threatening to release PHI to the public if the hospital did not agree to a ransom, according to a press release. [2]

The email contained the stolen PHI that the sender threatened to release. The sender obtained names, addresses, Social Security numbers, and dates of birth of patients treated at Clark County Hospital clinics prior to February 2012, according to the press release.

The hospital launched its own breach investigation, notified law enforcement, and began notifying all affected patients after learning that the PHI of its patients had been compromised. The investigation revealed that the hospital’s servers were not hacked, although the hospital plans to strengthen its security measures by implementing additional logging and auditing systems, according to the press release.