The hospital should have disclosed the breach immediately, said a 40-year-old UMC patient whose personal information the kind that can be used for identity theft was leaked. The man, who went to the public hospital Nov.Ê1 after a motorcycle accident, learned his privacy had been breached only when a Las Vegas Sun reporter told him Wednesday afternoon.........The FBI has launched an investigation into violations of the federal Health Insurance Portability and Accountability Act, better known as HIPAA which includes penalties of up to $250,000 in fines and 10 years in jail.
The Sun reported the leak the latest scandal to hit the beleaguered hospital after the newspaper obtained 21 UMC patient face sheets cover sheets that include overviews of each case from a source who was concerned about the leak. The sheets were from Oct. 31 and Nov. 1 and were for people involved in traffic accidents.
The Suns source said he was several degrees removed from the leak and did not know how the records were being released from the hospital, but that they were allegedly being sold for months, or even years, to ambulance-chasing attorneys so they could mine for clients.
MIAOULIS NOTE: Just another in a long line of breaches. This one may have involved paper, an authorized user. The bottom line is that this type of reporting may continue to grow. As always: Could this happen at your facility? What are you doing to prevent, identify and report this type of incident.