Camrose medical clinic experienced a data security incident.
A Camrose medical clinic employee has been fined and given 180 hours of community service after improperly accessing the health records of friends and others.
She was put on a three-year probation after pleading guilty.
It is an offense to access records in contravention of the Health Information Act.
TPRM report: https://scoringcyber.rankiteo.com/company/camrose-medical-partnership
"id": "cam213319123",
"linkid": "camrose-medical-partnership",
"type": "Data Leak",
"date": "09/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Camrose',
'name': 'Camrose Medical Clinic',
'type': 'Healthcare Provider'}],
'attack_vector': 'Internal Threat',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Health records'},
'description': 'A Camrose medical clinic employee improperly accessed the '
'health records of friends and others, resulting in a fine and '
'community service.',
'impact': {'data_compromised': 'Health records',
'legal_liabilities': 'Fine and community service for the employee'},
'motivation': 'Unauthorized access to personal information',
'post_incident_analysis': {'root_causes': 'Improper access control'},
'regulatory_compliance': {'legal_actions': 'Employee fined and given '
'community service',
'regulations_violated': 'Health Information Act'},
'response': {'law_enforcement_notified': 'Yes'},
'threat_actor': 'Employee',
'title': 'Data Security Incident at Camrose Medical Clinic',
'type': 'Data Breach',
'vulnerability_exploited': 'Improper access control'}