5 Most Bizarre HIPAA Violation Cases
Learn simple security protocols to protect patient data.
This article is an excerpt from our ebook, 5 Most Bizarre HIPAA Breaches. Download your free copy of the complete ebook.As one of the industry’s largest data security and compliance vendors, there isn’t much we haven’t seen. But even with 11 years of breach investigation experience, every now and then we come across a data compromise that’s flat out strange.
Here’s one breach that reminds us of the importance of BAAs and a company’s need to perform due diligence before making a partnership.
The James Bond breach
In the 1977 box office hit The Spy Who Loved Me, James Bond uses a miniature microfiche reader to intercept the villain’s secret plans for a submarine tracking system. Our first breach may not be quite this exciting, but it does share Bond-era microfiche technology.Microfiche is a storage media where documents are shrunk to about 1/25 size and copied onto photographic film. A 105x148mm microfiche card typically contains micro reproductions so small that special devices are required to read the data.
On May 13, 2013, Dallas police were notified when a local resident discovered microfiche containing sensitive patient information in a public park. Upon further investigation, police discovered three additional microfiche in two other Dallas-area public parks.
These microfiche, which contained social security numbers and medical data of 277,014 Texas Health Fort Worth Hospital patients from the ‘80s and ‘90s, had been delivered to a document shredding company for secure disposal. How these microfiche ended up in multiple public parks across Dallas remains a mystery.
Regardless of who is at fault, the covered entity at minimum shares accountability for the breach. Choose your vendors wisely and make sure you have a Business Associate Agreement (BAA) in place.
SEE ALSO: You Can't Hide Behind a Business Associate Agreement
This article is an excerpt from our ebook, 5 Most Bizarre HIPAA Breaches. Access the complete ebook here.