DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

First we threaten the reporters….?

Posted on April 6, 2009 by Dissent

Kristen Ross of KBTX has a 3-part series on improper disposal of medical records in paper format. Part 1 describes hundreds of medical records floating around a dumpster that included names, addresses, social security numbers and medicaid numbers. Those documents were from the Daniel Jarvis Home Health Agency.

According to Ross, attorneys for the home health agency tried to recover the files:

…. we received word from the home health agency through an e-mail written from their attorney asking for the files we found back.

“It is our position that you are now holding property that belongs to Daniel Jarvis Home Health. Your failure or refusal to return the same will be considered a conversion and we will seek all damages that may be available,” the letter states.

Soon after KBTX received that letter, we received another also expressing interest in the files our investigation uncovered, this one a subpoena from the Attorney General’s Office.

“This material is relevant to the subject matter of an investigation of Daniel Jarvis Health Care for possible violations of the Deceptive Trade Practices Consumer Protection Act,” it reads.

The letter goes on to say the investigation involves possible misrepresentations made by Daniel Jarvis in regards to the privacy and security of customer records.

A day after we got the letter, a representative from the AG’s office came to pick the records up for further investigation, an investigation they say will also examine whether one of the AG’s newest weapons against identity theft was violated: the Identity Theft Enforcement and Protection Act. Officials say that can be applied to businesses that mishandle consumers’ personal information.

This blogger has long been a fan of Attorney General Greg Abbott for his determined efforts to pursue those who do not provide adequate data protection. Unfortunately, some states do not have laws that apply to disposal of paper records, and as most readers will know by now, HIPAA was a tremendous disappointment in terms of security and enforcement. Even the new federal provisions that amend HIPAA do not apply to protection of patient records in paper form, leaving states looking to other tools or statutes to enforce or prosecute cases.

It will be interesting to see what Texas does with this case. I don’t know whether profuse apologies on the part of the home health agency would help, but thinly veiled threats aimed at the news station doesn’t strike me as a useful response.


Related:

  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Inquiry launched after identities of SAS soldiers leaked in fresh data breach
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
Category: Breach IncidentsExposureHealth DataPaperU.S.

Post navigation

← Computer technician on trial in Hong Kong celebrity sex photo case
Bits ‘n Pieces →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report