Friday, December 9, 2011

VA Hospital Employee Charged with Identity Theft

An employee at a VA medical center in Miami is alleged to have sold personal information of disabled veterans using her privileged access to hospital systems. The information was later used to open unauthorized credit card accounts at Citibank.

The employee faces charges connected with the theft and sale of the personal information of at least 22 military veterans. Kendrick is alleged to have used her position in the medical center’s travel benefits department to obtain names, addresses, dates of birth, and Social Security numbers, which she in turn transferred to an accomplice who opened the credit card accounts.

The fraud was discovered after the VA Office of Inspector General received complaints regarding the fraudulent accounts.

Most attention in the press on the security of patient information centers on electronic health records. However, patient billing information is also vulnerable, and the systems that hold billing information typically do not have any built-in audit capabilities. An effective defense of patient privacy focuses on tracking access to all systems and applications holding personally identifiable information to ensure that sensitive information is accessed only by authorized personnel and only in accordance with their job function. Problem access needs to be identified and remediated quickly. The challenge for health care providers is to do this with limited personnel and budgets, and without introducing new software or hardware into the IT environment.
Download a white paper on data breach detection as a service. Learn about a service that proactively identifies unauthorized breaches of patient privacy, even by authorized users - with no hardware and no on-site software.

Subscribe to our RSS feed and follow us on Twitter (@Veriphyr)!

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at