A customer could be someone who comes to you for a service like web design, or a customer could be someone that needs a service like medical care or even getting services like money from the government like social security or similar in other countries.
One of the things that people in my circle was talking about was an article I posted to TSB’s email list that is titled One year later, Tift Regional Medical Center notifies patients of Hive attack.
While there are linked items within this short article, one big paragraph got people in my circle talking. The last paragraph from Databreaches.net’s article says:
Tift’s letter to patients does not reveal that data was shared with journalists or leaked on the dark web. Nor does it explain why, if there was no encryption, it took them a year from discovery to make notifications.
My big question was why it took a year for them to notify anyone. If I were breached, and it took me 30-60 days to be notified, that’s one thing. But its my responsibility as a company to get my customers, patients, or however they’re referred to in my industry notified that some mistake happened in my company.
I know that it can take 191 days in some circumstances before you’re notified of the breach, that can’t be helped. But once you’re notified, this is crucial to get your customers, patientsor however they’re referred to in your industry notified.
I just don’t understand what this medical center is doing, and they’re still not clear with notifications.
Maybe they need to take after a company who has had a breach and disclosed properly after the fact.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.