ASH data breach more extensive than initially reported
Posted April 8, 2021
- On March 18, the Department of State Hospitals (DSH) announced that an employee with access to Atascadero State Hospital data servers improperly obtained more than 1,400 patient and former patient names, more than 600 employee names, as well as COVID-19 test results and health information related to COVID-19 tracking.
- “The newly identified data was discovered during the investigation of the same employee,” according to a department statement. “DSH is continuing its investigation of the data breach and has placed the principal subject of the investigation on administrative leave pending completion of the investigation.”
- The breach was first detected on Feb. 25, and the investigation so far indicates that the individual started improperly accessing the data 10 months prior.
- To prevent a similar breach in the future, the department plans to log, monitor, and review administrator access and activity more regularly.
New Times SLO – Maria Martin | April 8, 2021