Senior Communications Manager
Kirk Nahra Comments on Recent Data Breaches Revealing Patients’ Mental Health Information
Kirk J. Nahra, chair of Wiley Rein’s Privacy Practice and co-chair of the Health Care Practice, was quoted in a September 9 HealthCare Info Security article regarding recent data breaches that revealed the sensitive personal information of patients receiving mental health and substance abuse treatment. These breaches were the result of both targeted cyberattacks and the mishandling of patient files by a hospital employee. According to the article, the potential “reputational harm” caused by these breaches could warrant the development of more stringent security measures.
“Organizations may decide to implement additional safeguards for ‘more sensitive’ information, but that isn’t necessarily a requirement,” noted Nahra. “From a patient perspective, this information typically could create more reputational concerns than other kinds of medical information.”
Mr. Nahra added that implementing additional security measures to protect this sensitive patient data may be difficult for some organizations. “A lot of the groups that have this kind of information are state-run, or nonprofits, or others that may have fewer resources,” he said.
Nahra added that this patient information “certainly is sensitive, which is an important factor in any risk assessment related to a security breach, in determining whether notification is required.”
To read the full article, please click here.