DataStat, Inc.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
DataStat, Inc. Breach Overview
DataStat, Inc., a company specializing in survey data collection services and advanced reporting, experienced a data breach where an employee erroneously misdirected surveys to 487 individuals. This occurred due to a failure to follow the company’s reprint protocol after a printer paper jam. The breach involved protected health information (PHI), specifically demographic information including names and addresses. DataStat provided breach notification to the Department of Health and Human Services (HHS) and the affected individuals. In response to the incident, DataStat improved technical safeguards to assist with quality assessment checks and issued a written warning to the involved employee. The Office for Civil Rights (OCR) obtained documentation that DataStat implemented the corrective actions[1].
It’s important to note that this breach is separate from other recent data breaches affecting Michigan residents, such as the cybersecurity breaches at Corewell Health, which impacted over one million patients. These breaches involved a different vendor, HealthEC, and exposed a wide range of personal and medical information[2][4][5][7][8][10][11][14][16][17].
For those affected by the DataStat breach, it is advisable to remain vigilant against identity theft and fraud by monitoring account statements and credit reports for suspicious activity. If you have been affected by a data breach, consider taking steps such as changing passwords, contacting financial institutions, and potentially placing a fraud alert on your credit file to prevent identity theft.
Citations:
- https://privacyrights.org/data-breaches/datastat-inc
- https://www.clickondetroit.com/health/2023/12/27/what-corewell-health-patients-in-se-michigan-need-to-know-after-another-data-breach/
- https://www.datastat.com/privacy.html
- https://www.michigan.gov/ag/news/press-releases/2023/12/01/corewell-health-data-breach-exposes-info-of-one-million-michigan-patients
- https://www.mlive.com/news/ann-arbor/2023/12/1-million-corewell-health-patients-could-be-impacted-by-second-data-breach.html
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- https://www.mlive.com/public-interest/2023/12/frustrated-by-data-breaches-affecting-millions-in-michigan-nessel-urges-companies-be-held-responsible.html
- https://www.cbsnews.com/detroit/news/second-corewell-health-data-breach-impacts-one-million-patients/
- https://healthcareinnovation.vermont.gov/sites/vhcip/files/documents/26412-a2%20-%20DataStat%20Inc.pdf
- https://www.michigan.gov/ag/news/press-releases/2023/12/26/second-corewell-health-data-breach-exposes-info-of-one-million-michigan-patients
- https://www.fox2detroit.com/news/corewell-health-reports-second-data-breach-impacting-1-million-patients
- https://dvha.vermont.gov/sites/dvha/files/documents/Administration/DataStat%2033581-4%20Final%20Signed.pdf
- https://www.law360.com/articles/1783756/mich-resident-sues-software-co-provider-over-data-breach
- https://upnorthlive.com/news/local/corewell-data-breach-hospital-personal-information-exposed-patients-one-million-michigan-healthcare-healthec-cybersecurity-stolen-state
- https://www.michigan.gov/-/media/Project/Websites/dtmb/Procurement/Contracts/Folder30/190000001404.pdf?rev=e85115dddabc4ce8927b24434b31dbd2
- https://abcnews.go.com/Health/michigan-health-system-reports-2nd-data-breach-affecting/story?id=105937395
- https://www.abc12.com/news/health/corewell-health-data-breach-exposes-1-million-patients-data/article_a3d771f2-a4b8-11ee-b70e-d76f9fa6dc85.html
- https://www.steptoe.com/en/news-publications/its-all-about-that-databasemore-unexpected-trouble-for-companies-that-share-customer-information.html
- https://www.engadget.com/data-breach-of-michigan-healthcare-giant-exposes-millions-of-records-153450209.html
- https://www.datastat.com