Utah extends credit monitoring for healthcare data breach victims

According to the Salt Lake City Tribune, Utah lawmakers agreed to spend $1 million to extend credit monitoring for a second year, while the Utah Department of Health was granted $300,000 to hire additional IT staff.

Last April, social security numbers of up to 780,000 individuals were stolen from the the Utah Department of Health’s (UDOH) Department of Technology Services server, which resulted in a statewide data auditing and the firing of the state's technology director.

"We’re taking this very seriously," said Sheila Walsh-McDonald, the health department’s new data-security ombudswoman. "The fraud protection will be extended automatically. Consumers won’t have to do anything. They will get notification from Experian and the monitoring will be extended a year from the date they signed up."

The state's government continues to take steps to remediate the victims. Walsh-Macdonald was hired in the aftermath to oversee individual case management, credit counseling, and public outreach for the data breach victims. Earlier in the year a bill, S.B. 20, sponsored by Sen. Stuart Reid (R-Ogden), was introduced in the state legislature that would establish a team of experts to identify best practices for safeguarding data privacy and then see to it that the practices are appropriately implemented.

Affected Utah residents may appreciate the credit monitoring and security improvements, but compensation is something many are wondering about, according to the Tribune.

Federal officials are investigating Utah’s breach and weighing possible fines, but there’s no guarantee that a penalty will translate into victim compensation.

What’s Hot on Infosecurity Magazine?