Lawsuit: Patient records leaked through peer-to-peer network

[kirniki <kirniki () gmail com>]

http://www.kcchronicle.com/articles/2010/02/26/16209753/index.xml

A class action lawsuit claims an Elgin clinic released confidential
information of its patients – including their HIV or AIDS status –
over file sharing computer networks.

The complaint, filed Thursday against The Open Door Clinic of Greater
Elgin, names four people as “John Doe,” including one man from St.
Charles, and a fifth “Jane Doe,” on behalf of “all those similarly
situated.” The class action lawsuit goes on to state the class
consists of at least 260 people, who are suing on the basis of
negligence, invasion of privacy and breech of confidentiality.

The lawsuit, filed by attorney Terry Heady of Aurora, claims that the
clinic “negligently, wrongfully and improperly leaked, disseminated
and disclosed its patients personally identifiable information,
including, but not limited to their HIV/AIDS status” by way of
“peer-to-peer file sharing networks where the information was made
readily available, accessible and retrievable to the public at large.”

Information was leaked beginning in late May 2008 – possibly earlier –
until at least July 2009, according to the complaint. Clinic officials
have been aware of the leak since the summer of 2008, but did not
notify patients, according to the complaint.
[..]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php