Electronic Health Records

Policy & Regulation News

Stephen Fletcher is fired for health data breach in Utah

By Kyle Murphy, PhD

The Salt Lake Tribune reported the firing on Tuesday. In an attempt to restore the faith of his constituents, Utah’s governor Gary Herbert announced that he terminated Stephen Fletcher, Director of the Department of Technology Services, after asking for and not receiving the latter’s resignation. Gov. Herbert also fired the contractor responsible for providing software that lacked appropriate encryption.

As we reported in March, the health data security breach exposed protected information of 780,000 individuals, which included their Social Security numbers. According to the report, the breach was made possible because a default password wasn’t changed.

In the wake of the attack, data will be encrypted not only in transit but also at rest. All IT systems in the state will undergo an independent security audit to reveal any lingering vulnerabilities. Also, the governor has hired an ombudsman to oversee the process of helping victims protect their identities.

Related Articles:

Stiffer encryption means better protection for PHI or EHR
• HIPAA violations need proactive solutions
• HIMSS latest report on EHR data security
• Potential threats to EHR on the web and in the cloud
• Data migration can leave your information vulnerable

Get the latest EHR News and Information delivered right to your inbox. Sign up for the free EHRintelligence newsletter. And follow @EHRIntel for daily updates.