HIPAA Violation Charged in Records Theft

Authorities Allege 4,500 Patient Records Stolen

By , June 6, 2011.
HIPAA Violation Charged in Records Theft

A

See Also: Automate and Standardize your IAM to Radically Reduce Risk

n Alabama woman has been charged with violating the HIPAA Privacy Rule following allegations that she stole identifying information on about 4,500 patients from Trinity Medical Center in Birmingham.

Chelsea Catherine Stewart of Alabaster allegedly stole the patient information from the medical center, formerly Baptist Montclair Hospital, between March 22 and April 18, while an associate of hers was a patient at the hospital, according to Joyce White Vance, U.S. Attorney for the Northern District of Alabama.

The stolen records, which spanned several years, included patient names, dates of birth and Social Security numbers, according to the criminal complaint. Local police recovered hundreds of pages containing the information while executing a search warrant at a residence where she was staying, the complaint says.

In a statement on its website, Trinity Medical Center says that surgery schedules were stolen from a closed patient registration area the last week of March. "As a result of the theft, the hospital is increasing its security by changing access to the registration area of the involved department," according to the statement. "All stolen information has been recovered. ... The hospital has no reason to believe this information has been or will be used in a way that would cause harm."

Nevertheless, the medical center has notified all patients affected and offered them free credit monitoring services for a year. The HITECH Act breach notification rule requires notifying patients, as well as the Department of Health and Human Services' Office for Civil Rights, about breach incidents.

Follow Howard Anderson on Twitter: @HealthInfoSec

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE U.S. Data Breach Notification Law Unlikely in 2014

Despite President Obama's urgent call to lawmakers to enact a national data breach notification...

Latest Tweets and Mentions

ARTICLE U.S. Data Breach Notification Law Unlikely in 2014

Despite President Obama's urgent call to lawmakers to enact a national data breach notification...

The ISMG Network