Friday, July 26, 2013

Hospital Billing Employee Stole Patient IDs

A hospital billing company employee, with an “extensive history of theft by deception,” stole protected health information (PHI), including credit card and social security numbers of patient records his employer was processing.

After learning of the breach the hospital terminated their contract with the billing company. The court upheld the contract termination stating the billing company “violated the essential trust patients place in their healthcare providers and healthcare providers place in the companies with which they contract to aid in the provision of healthcare.”

"The billing company learned from police that the employee “wrongly and without authorization” acquired PHI to obtain patients’ credit cards to make purchases."
- US DISTRICT COURT FOR THE SOUTHERN DISTRICT OF FLORIDA, Miami Division
In this case the the billing company learned of the identity theft from law enforcement. Healthcare organizations can proactively detect PHI breaches with low-cost on-demand SaaS analytics services.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Court finds breach of HIPAA business associate agreement resulting from identity theft - www.lexology.com, 07/17/2013

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.