Slashdot Mirror

← Back to Stories (view on slashdot.org)

Contractor Folds After Causing Breaches

Posted by kdawson on from the left-holding-many-bags dept.

talkinsecurity writes "A single contractor, privately-held Verus Inc., has been traced as the source of no less than five hospital security breaches in the past two months — and those breaches have put the company out of business in a matter of weeks. Verus, which managed the websites of as many as 60 of the country's largest hospitals, has folded its entire business within the past few weeks, without a word to anyone. Apparently, a single IT error led to the exposure of at least five hospitals' patient data — at least 100,000 individuals' personal information — and caused Verus' primary investor to pull the plug. The hospitals, which initially reported their breaches separately, were left with no one to sue."

5 of 274 comments (clear)

  1. Re:Capitalism Rules! by peragrin · · Score: 3, Informative

    But it's governement regulations that have made it that way. the BOD of corporations should be ultimately responsible for the actions of the entire company. Since Corporations are a government protected body by removing the regulations protecting them opens the BOD up to others.

    --
    i thought once I was found, but it was only a dream.
  2. Re:HIPPA by Jhon · · Score: 4, Informative

    There are serious fines and even criminal penalties for letting confidential patient records out.
    Great summary of HIPAA here.

    Covered entities and specified individuals, as explained below, whom "knowingly" obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations face a fine of up to $50,000, as well as imprisonment up to one year.
    Notice that "knowingly" statement?

    Sorry, but I think you are wrong on the "probably folded to keep from getting heavily penalized and/or to prevent its directors from being criminally prosecuted under HIPPA". FTA, it's more likely they folded from lack of funding -- as their primary investor pulled out (most likely due to not wanting to tarnish THEIR name...

  3. Re:And that's the problem with corporations by deftcoder · · Score: 4, Informative

    A judge can reinstate a business for the duration of a trial though, even if it was dissolved (with no objections) through the normal channels.

    Just because your business was officially dissolved (through the Secretary of State's office) doesn't mean that you're off the hook for bad shit you pulled.

    If an employee or contractor was found to be negligent or acting outside of their role within the corporation, they can be found personally liable. That usually results in employee/contractor suing the business and vice versa.

    American business law is very interesting.

    --
    Peace sells, but who's buying?
  4. Your reasoning is flawed by BlackCobra43 · · Score: 3, Informative

    The same standard IS applied. When an engineer is sued it is because his design was faulty, not because the building contractor used shitty concrete. If said contractor used shitty concrete, HE will be sued into oblivion.

    Likewise, if the policies enacted by a companydirect actions defraud the public out of millions of dollars, they will be held acountable (see : Enron). If Joe Sixpack in accounting trafficks data all on his own, why should the CEO be held accountable?

    --
    I never spellcheck and I freely admit it. Save your karma for more worthwhile "lol erorrs" replies
  5. Re:Capitalism Rules! by nmx · · Score: 4, Informative

    Eh? The company was destroyed. If you think the company should be punished, is there any better punishment? Isn't this a good thing? It means that the company is not going to do that again.

    Yes, but nothing's stopping these people from forming a new company and doing the same thing again.

    --
    "Well kids, you tried your best, and you failed. The lesson is, never try."