Sunday, May 20, 2012

Hospital Finance Employee in Boston Steals Patient Info for Identity Theft

A hospital's patient financial coordinator was arrested for inappropriately accessing patients' hospital records and using them to commit identity theft. 3,600 patients were notified by the hospital and the hospital is paying for one year of credit monitoring.

The scam that led to their arrest involved setting up electrical service for their apartment using a patient's information and sending the bills to yet another person's addresses. When the bills were not paid for 4 months the electricity company would close down the account and go after the patient for non-payment. The hospital employee would then repeat the fraud by opening a new account with a different patient's information.
"We are saddened and disappointed that this former employee appears to have chosen to violate both our trust and that of our patients." - Hospital president and CEO
Of course, once the electric utility got the police involved the entire scheme quickly fell apart since the perpetrators were living at the address getting the electricity. Duh? The police then determined that the only similarity between all the victims was that they were patients at the same hospital. At which point the police contacted the hospital.

Unfortunately the traditional hospital response of additional training to reenforce the importance of safeguarding patient information is likely to have little effect on staff with criminal intentions.
Moreover, it is not realistic to prevent employees in the finance department from viewing sensitive patient financial information as they need access to insurance numbers and the like to do their job.
For this reason hospitals are turning to Identity and Access Intelligence solutions that can proactively identify inappropriate access that violates patient data privacy, even by authorized employees.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
(a) Hospital worker from Quincy charged with ID theft - The Patriot Ledger, May 19, 2012

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at