On the heels of the UPS, www.ups.com, security breach comes word of another data breach which has affected one of the nation’s largest hospital groups.

Community Health Systems, www.chs.net, owners of 206 hospitals in 29 states, had its data system attacked by allegedly hackers in China. The infiltration into the system compromised names, addresses, birthdates, telephone numbers, and Social Security numbers. All told, the breach affected 4.5 million people involved with the hospital group during the past five years.

However, patients are not the only ones affected by this situation. Medical providers could be sued for damages and negligence by the states attorney general and the patients as a result of the breach being a violation of the HIPAA (Healthcare Insurance Portability and Accountability Act) law.

The hospital is looking into filing a claim with the SEC (Securities and Exchange Commission) as a part of its protection plan. It has said the malware has been wiped clean from the system.

The hospital network is offering identity theft protection to patients who were affected by the incident.

Hospitals are required to follow HIPAA regulations when a breach happens. To avoid large fines, hospitals must follow certain preventative measures:

-proper security systems must be in place.

-a security solution must include logging of access for inside and outside a network.

–HIPAA training must be completed.

-a disaster recover plan must be installed.

-a backup appliance must be available on site in case of a breach.

Want to tweet about this article? Use hashtags: #security,#breach, #hospital, #hackers, #system, #medical