Joseph Goedert
AUG 22, 2012 12:19pm ET

Related Links

University Settles with Feds After HIPAA Violations
May 22, 2013
Data Entry Error Leads to Data Breach at LSU
May 21, 2013
Quick Turnaround on Breach Notification
May 17, 2013
California Developing Guidance for Patient Consent of HIE
May 17, 2013
Hacker Gets Patient Credit Cards from North Carolina Providers
May 16, 2013
OCR Seminars to Walk through Omnibus HIPAA Rule
May 16, 2013
PHI Breach #3 for Indiana University
May 15, 2013

Cops: ER Employee Sold 760,000 Patient Records

Print
Reprints
Email

The FBI has arrested a former employee of Florida Hospital Celebration, charging him with accessing 760,000 emergency department records over two years and selling them, WFTV in Orlando reports.

The bureau alleges that Dale Munroe, who registered patients in the emergency department, primarily accessed records of patients who were in an automobile accident from several hospitals across the state, and sold the records to someone who sold them to chiropractors and attorneys.

Patients usually got a solicitation call within a week. The scheme unraveled when one of the calls went to a hospital employee who knew the records were to be private, WFTV reports.

The FBI investigation and resulting discovery of the scope of the breach follows Florida Hospital's original report last year to the HHS Office for Civil Rights of a breach in August 2011 that at the time was believed to have affected 12,784 patients, as the breach currently is displayed on OCR's public Web site of major breaches of protected health information.

 

Data Security
Consumer Health
EHR
Hospitals
Stimulus
Policy & Regulation

Comments (2)
This represents the flaw in HIPAA. Information is only as secure as the person accessing the data. How is it that an employee has access to the raw data? An employee should be able to input and view the data as per their job description. No one should have access to the raw data and no one should be able to download the data.

Are the chiropractors and attorneys going to be arrested? They should be for receiving stolen property and PHI.

Posted by Gary B | Wednesday, August 22 2012 at 1:29PM ET
tr
Posted by Darrin D | Wednesday, August 22 2012 at 2:30PM ET
Add Your Comments:
You must be registered to post a comment.
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Most Read
Most Emailed

Slide Shows

Insights into Physician Satisfaction
Twitter
Facebook
LinkedIn

Current Issue

Ready or Not, Here Come HIPAA Audits

As the feds ramp up enforcement of privacy and security rules, providers look to fill protection gaps.

Videos

Health I.T. Keeps NY Islanders On the Ice

Policy & Regulation

EHR

Health Info Exchange

Revenue Cycle & Payments

Chronic Care

Mobile Technology

Web Seminars

White Papers

Login  |  My Account  |  White Papers  |  Web Seminars  |  Events |  Newsletters |  eBooks
FOLLOW US
Already a subscriber? Log in here
Please note you must now log in with your email address and password.