DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

First we threaten the reporters….?

Posted on April 6, 2009 by Dissent

Kristen Ross of KBTX has a 3-part series on improper disposal of medical records in paper format. Part 1 describes hundreds of medical records floating around a dumpster that included names, addresses, social security numbers and medicaid numbers. Those documents were from the Daniel Jarvis Home Health Agency.

According to Ross, attorneys for the home health agency tried to recover the files:

…. we received word from the home health agency through an e-mail written from their attorney asking for the files we found back.

“It is our position that you are now holding property that belongs to Daniel Jarvis Home Health. Your failure or refusal to return the same will be considered a conversion and we will seek all damages that may be available,” the letter states.

Soon after KBTX received that letter, we received another also expressing interest in the files our investigation uncovered, this one a subpoena from the Attorney General’s Office.

“This material is relevant to the subject matter of an investigation of Daniel Jarvis Health Care for possible violations of the Deceptive Trade Practices Consumer Protection Act,” it reads.

The letter goes on to say the investigation involves possible misrepresentations made by Daniel Jarvis in regards to the privacy and security of customer records.

A day after we got the letter, a representative from the AG’s office came to pick the records up for further investigation, an investigation they say will also examine whether one of the AG’s newest weapons against identity theft was violated: the Identity Theft Enforcement and Protection Act. Officials say that can be applied to businesses that mishandle consumers’ personal information.

This blogger has long been a fan of Attorney General Greg Abbott for his determined efforts to pursue those who do not provide adequate data protection. Unfortunately, some states do not have laws that apply to disposal of paper records, and as most readers will know by now, HIPAA was a tremendous disappointment in terms of security and enforcement. Even the new federal provisions that amend HIPAA do not apply to protection of patient records in paper form, leaving states looking to other tools or statutes to enforce or prosecute cases.

It will be interesting to see what Texas does with this case. I don’t know whether profuse apologies on the part of the home health agency would help, but thinly veiled threats aimed at the news station doesn’t strike me as a useful response.

No related posts.

Category: Breach IncidentsExposureHealth DataPaperU.S.

Post navigation

← Computer technician on trial in Hong Kong celebrity sex photo case
Bits ‘n Pieces →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.