The Center for Autism and Related Disorders Data Breach Should Have No Lasting Effects
Table of Contents
- By Steven
- Feb 16, 2023
Even with all the technological advancements humanity has made in recent years, the one thing we will never be able to (nor should we want to) remove is human error. It is a sign of our humanity, and a reminder that we were not made to be perfect. While this can sometimes affect our peers negatively, the main person usually affected by our mistakes is us – me, you, that random guy you knew in sixth grade that moved. Whoever made the mistake deals with the brunt of the impact. Unfortunately, that is inaccurate with the Center for Autism and Related Disorders (CARD) data breach.
How Did the Breach Occur?
The breach resulted from a third-party vendor in charge of customer invoicing causing a slight malfunction. The malfunction resulted in CARD patient families being invoiced for unrelated patient visits. CARD has made it clear that no one that received these invoices mistakenly will be made to pay them.
What Information Was Viewed or Stolen?
The families that received the invoices won’t likely have much come out of the data breach. The billing notices contained patient names, CARD internal reference numbers, and payment history. The breach involved no insurance or financial information. This is a relief, as is the lack of phone number or email inclusion; people with mental challenges and disabilities are often more susceptible to phishing and other types of scams.
How Did CARD Admit to the Breach?
CARD admitted to the breach with a filing with the California Attorney General’s Office. It read, “CARD recently discovered that, as part of a recent update to its patient billing systems, the third-party vendor responsible for generating patient invoices incorrectly made a computer error which resulted in certain caregivers receiving an invoice for services for an unrelated patient.” It went on to assure victims that the breach involved no social security details or anything else overtly sensitive.
What Will Become of the Stolen Information?
There will very likely be nothing that comes of the data breach. Anyone who accessed the information was given direct instructions to destroy it and everything associated with it. It is unclear how many people were affected by the breach, but these people will likely end up fine. As it is, there was very little information involved.
What Should Affected Parties Do in the Aftermath of the Breach?
There is one very important thing to start you off: shred the paper. Run it through a paper shredder and disperse the pieces through your outdoor recycling bin if you have one. Otherwise, ensure the pieces are well separated in your indoor one so they can be removed to wherever they need to go. You might look silly sprinkling bits of paper into your recycle bin, but you need to remember that someone else is depending on you now. You would want them to dispose of your loved one’s information properly, so take the same care with their loved one’s details.