Largest Health Data Breach of 2016

Largest Health Data Breach of 2016

Last week, Banner Health, one of the largest health systems in the country, posted notice of this year’s most substantial health care data breach.  A cyber attack affecting as many as 3.7 million patients, employees, beneficiaries, and customers was discovered almost a month after initially taking place on June 13, 2016.  The breach included patient names, addresses, and social security numbers; food and beverage customer payment card data, internal verification codes, and expiration dates; and provider names, Drug Enforcement Agency numbers, Tax Identification Numbers, and National Provider Identifier numbers.  Banner is currently working with a forensics firm to prevent any additional unauthorized access to protected health information.  They have also contracted with a third party to provide free credit and identity monitoring services to affected individuals for one year.

Based on recent reports, however, remedial steps undertaken by Banner may not be enough to satisfy those parties harmed.  Banner now faces a class action suit filed on behalf of Banner employee Dr. Howard Chen and other affected individuals.  The plaintiffs seek compensation for identity and credit protection and allege Banner failed to implement appropriate security policies.  Further, plaintiffs argue that free monitoring services for one year will do little to protect their confidential information as cyber attackers often wait until years after a hack to exploit victims.

Read more about the breach here.

Justin A. Pope, JD
Associate Risk Manager

Justin Pope joined PRMS in 2014. Mr. Pope is responsible for researching emerging legal issues, creating online risk management content, and providing advice to individual providers through the Risk Management Consultation Service.

As a law student, he focused primarily on international, administrative, and food law. During his final year at Howard, Mr. Pope gained additional insight into the FDA’s regulatory process while serving as a research assistant to his professor. He has also interned as a legal assistant for both the Ft. Monroe Garrison Office of the Staff Judge Advocate and the Office of the Naval Inspector General, opining on a variety of legal issues, including privacy law. Mr. Pope received his Bachelor of Arts degree in International Affairs from the University of Virginia and his Juris Doctor degree from the Howard University School of Law.

Categories: Risk Management

4300 Wilson Boulevard, Suite 700, Arlington, VA 22203
(800) 245-3333  |

Professional Risk Management Services® © 2024

Actual terms, coverages, conditions and exclusions may vary by state and are subject to underwriting. Insurance coverage provided by
Fair American Insurance and Reinsurance Company (FAIRCO), New York, NY (NAIC 35157). FAIRCO is an authorized carrier in California, ID number 3715-7.
PRMS, The Psychiatrists' Program and the PRMS Owl are registered Trademarks of Transatlantic Holdings, Inc., a parent company of FAIRCO.