Community Health Systems announced this week that it has fallen victim to a cyberattack from Chinese hackers. This may be the largest breach involving patient information of its kind to have occurred since the Department of Health and Human Services started tracking such breaches on its website in 2009.
What's worse — a company that waits 3 years to let its customers know they've been breached, or a data protection office that's forced to turn an investigative eye on itself? The answer is that they're both equally concerning. And what's even more troubling is that both situations happened.