Marshall Allen of the Las Vegas Sun reports:
The FBI said Friday it may investigate a breach of patient privacy laws at University Medical Center, where hospital officials are reeling with the realization that at least one of their employees has leaked confidential names, birth dates and Social Security numbers.
UMC officials spent Friday determining how they would respond to the Sun’s report that protected patient information allegedly has been sold so ambulance-chasing attorneys can harvest clients.
FBI Special Agent Joseph Dickey said the agency met with officials of the county owned hospital and has begun “evaluating” the unauthorized release of confidential patient records.
Allen repeats the concern raised in previous coverage that although the hospital had been alerted to a problem, it did not pursue it:
The county’s response is an about-face for hospital and county officials. Until Thursday, they doubted there had been any leak and had conducted only a cursory probe into rumors of the breach. Silver was warned by sources this summer about patient records being obtained illegally. She took a quick look at which attorneys were requesting records, and then dismissed it as a “nonissue.”
Commissioner Lawrence Weekly, chairman of the hospital’s board of trustees, told the Sun that he was warned almost two weeks ago by “several credible people” that someone was leaking private patient information to an outside attorney. But Weekly did not report the information to anyone at UMC because he was not familiar with the HIPAA laws — which include penalties of up to $250,000 in fines and 10 years in jail.