Between 2010 and 2012 she stole patient names, birth dates, and Social Security numbers, violating HIPAA regulations, according to the indictment filed in the US District Court for the Western District of Kentucky.
"disclosed her employer's patients' identifying information by providing names, birth dates and Social Security numbers to loan companies so she could obtain loans for her personal use and advantage."It is unclear if this identity theft was first discovered by law enforcement rather than the medical office where she was working. Healthcare organizations can proactively detect privacy data breaches with low-cost on-demand SaaS analytics services.
- U.S. District Court for the Western District of Kentucky
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.> Sources:
(a) KY: Woman indicted for identity theft, stealing patient information to obtain loans - www.PHIprivacy.net, 11/16/2013