DataStat, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

DataStat, Inc. Breach Overview

DataStat, Inc., a company specializing in survey data collection services and advanced reporting, experienced a data breach where an employee erroneously misdirected surveys to 487 individuals. This occurred due to a failure to follow the company’s reprint protocol after a printer paper jam. The breach involved protected health information (PHI), specifically demographic information including names and addresses. DataStat provided breach notification to the Department of Health and Human Services (HHS) and the affected individuals. In response to the incident, DataStat improved technical safeguards to assist with quality assessment checks and issued a written warning to the involved employee. The Office for Civil Rights (OCR) obtained documentation that DataStat implemented the corrective actions[1].

It’s important to note that this breach is separate from other recent data breaches affecting Michigan residents, such as the cybersecurity breaches at Corewell Health, which impacted over one million patients. These breaches involved a different vendor, HealthEC, and exposed a wide range of personal and medical information[2][4][5][7][8][10][11][14][16][17].

For those affected by the DataStat breach, it is advisable to remain vigilant against identity theft and fraud by monitoring account statements and credit reports for suspicious activity. If you have been affected by a data breach, consider taking steps such as changing passwords, contacting financial institutions, and potentially placing a fraud alert on your credit file to prevent identity theft.

Citations:

  1. https://privacyrights.org/data-breaches/datastat-inc
  2. https://www.clickondetroit.com/health/2023/12/27/what-corewell-health-patients-in-se-michigan-need-to-know-after-another-data-breach/
  3. https://www.datastat.com/privacy.html
  4. https://www.michigan.gov/ag/news/press-releases/2023/12/01/corewell-health-data-breach-exposes-info-of-one-million-michigan-patients
  5. https://www.mlive.com/news/ann-arbor/2023/12/1-million-corewell-health-patients-could-be-impacted-by-second-data-breach.html
  6. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  7. https://www.mlive.com/public-interest/2023/12/frustrated-by-data-breaches-affecting-millions-in-michigan-nessel-urges-companies-be-held-responsible.html
  8. https://www.cbsnews.com/detroit/news/second-corewell-health-data-breach-impacts-one-million-patients/
  9. https://healthcareinnovation.vermont.gov/sites/vhcip/files/documents/26412-a2%20-%20DataStat%20Inc.pdf
  10. https://www.michigan.gov/ag/news/press-releases/2023/12/26/second-corewell-health-data-breach-exposes-info-of-one-million-michigan-patients
  11. https://www.fox2detroit.com/news/corewell-health-reports-second-data-breach-impacting-1-million-patients
  12. https://dvha.vermont.gov/sites/dvha/files/documents/Administration/DataStat%2033581-4%20Final%20Signed.pdf
  13. https://www.law360.com/articles/1783756/mich-resident-sues-software-co-provider-over-data-breach
  14. https://upnorthlive.com/news/local/corewell-data-breach-hospital-personal-information-exposed-patients-one-million-michigan-healthcare-healthec-cybersecurity-stolen-state
  15. https://www.michigan.gov/-/media/Project/Websites/dtmb/Procurement/Contracts/Folder30/190000001404.pdf?rev=e85115dddabc4ce8927b24434b31dbd2
  16. https://abcnews.go.com/Health/michigan-health-system-reports-2nd-data-breach-affecting/story?id=105937395
  17. https://www.abc12.com/news/health/corewell-health-data-breach-exposes-1-million-patients-data/article_a3d771f2-a4b8-11ee-b70e-d76f9fa6dc85.html
  18. https://www.steptoe.com/en/news-publications/its-all-about-that-databasemore-unexpected-trouble-for-companies-that-share-customer-information.html
  19. https://www.engadget.com/data-breach-of-michigan-healthcare-giant-exposes-millions-of-records-153450209.html
  20. https://www.datastat.com
Breach Submission Date Aug 08, 2022
Converted Entity Name DataStat, Inc.
Converted Entity Type Business Associate
State MI
Individuals Affected 1,650
Breach Type Unauthorized Access/Disclosure

Breach Information Location Paper/Films

Business Associate Present Yes