Upper Valley Medical Center in Troy, Ohio, recently reported that it had been hit by a data breach
, but that notification seems to have been a long time coming.
The incident wasn't reported until July 3, but the medical center said it lasted from October 1, 2010 to March 21, 2012, according to a report from the Dayton Daily News
. To make matters worse, the details on exactly what happened to cause the breach and the information exposed in it has yet to be revealed.
In all, the breach affects more than 15,000 people who visited the medical center, the report said. Under rules set by the U.S. Department of Health and Human Services, organizations are required to alert victims whose unsecured personal health information were exposed in data breaches
when there are 500 or more victims.Ondrej Krehel
, chief information security officer for Identity Theft
911, has a blog about the ways consumers can better protect their personal data when it is exposed in such a breach.
© 2003-2012 IDentity Theft 911, LLC. All Rights Reserved