Re: North Carolina - EMS patient data is stolen

[World Privacy Forum <info2006 () worldprivacyforum org>]

The ambulance company probably has a business associate agreement with 
one or more health care providers, so they are probably a covered 
entity under HIPAA. What is disturbing about these cases where medical 
information is specifically targeted is that the folks making the 
breach notifications are not giving consumers proper warnings about the 
medical aspects of identity theft. For example, these breach victims 
should be specifically checking their insurance company payouts even 
more than their credit report.

We published a report on medical identity theft in May, and have just 
published a detailed FAQ for victims. The harms for medical identity 
theft can be profound and challenging for victims to uncover and 
resolve: <http://www.worldprivacyforum.org/medicalidentitytheft.html>.

--Pam Dixon



On Jul 17, 2006, at 6:49 PM, blitz wrote:

> In their position, this is prob a violation of patients HIPPA rights.
>  HOWEVER, the organization in charge of enforcing HIPPA complaints, 
> has yet to undertake a single enforcement action. Wonder why? It's 
> full of self-protecting doctors, insurance-scum and is protecting 
> their own backsides of course.
>  HIPPA is worthless!
>
>
>  At 19:34 7/17/2006, you wrote:
>
> > (From June, but not yet mentioned on this list.  Courtesy Beth Givens
> >  and Privacy Rights Clearinghouse):
> >
> > http://www.fayettevillenc.com/article?id=235733
> >
> >  Published on Wednesday, June 21, 2006
> >
> >  By Nancy McCleary
> >  Staff writer
> >
> >  A portable computer containing the personal information of more than
> >  24,000 people was stolen from a Cumberland County ambulance June 8.
> >
> >  The computer contained the information of 24,350 people treated in 
> > the
> >  past year by Cumberland County Emergency Medical Services.
> >
> >  Cape Fear Valley Health System, which operates the EMS, has notified 
> > the
> >  N.C. Attorney General.s Office and mailed letters to the affected 
> > people,
> >  urging them to monitor bank and credit card accounts, said Clinton 
> > Weaver,
> >  a spokesman for the health system.
> >
> >  "We're treating this incident seriously," he said. "We know the 
> > importance
> >  of patient confidentiality, and we're looking at ways to prevent 
> > this in
> >  the future."
> >
> >  [...]
> >
> >  _______________________________________________
> >  Dataloss Mailing List (dataloss () attrition org)
> > http://attrition.org/errata/dataloss/
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean._______________________________________________
> Dataloss Mailing List (dataloss () attrition org)
> http://attrition.org/errata/dataloss/

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/errata/dataloss/