DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

WV: Woman says St. Mary’s didn’t protect her medical records

Posted on January 15, 2016 by Dissent

Kyla Asbury reports on another small-n breach case that reportedly had huge consequences for the victim:

A Wayne County woman is suing St. Mary’s Medical Center after she claims it allowed people to access her private health information that should not have had access.

St. Mary’s Medical Management LLC; Cabell-Huntington Hospital Inc.; Rebecca Winters, formerly known as Rebecca Harmon; and Jessica Hatfield also were named as defendants in the suit.

On Oct. 25, 2013, C.H. went to her physician Dr. Joseph P. Assaley, for certain laboratory tests, which included testing for sexually transmitted diseases, according to a complaint filed in Cabell Circuit Court.

Okay, you’re probably thinking this is a snooping lawsuit. But there are other allegations of note:

C.H. claims Winters obtained a copy of her testing results, altered the results to indicate that she tested positive for Chlamydia and Gonorrhea and then published the falsified results to multiple third-parties.

And it didn’t happen just once, C.H. alleges in her lawsuit. The defendants’ actions resulted in her being harassed, she claims:

C.H. claims she began to see Internet posts alleging she had various STDs, and complaints were made to her employer alleging she had STDs and she began receiving insulting and intrusive prank phone calls from untraceable numbers.

Read more on West Virginia Record. There are a number of issues here legally, including who was responsible for auditing the access logs when the patient contacted Cabell with her concerns.

N.B.: This not the first time St. Mary’s has been sued for employee wrongdoing in exposing private information. See this earlier post/case. I wonder if HHS will consider that if OCR is investigating any complaint arising from this later incident. 

Category: Health DataInsiderU.S.

Post navigation

← TaxAct Acknowledges Data Breach
MaineGeneral breach update: investigation revealed additional PHI compromised →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Investigation of 2024 Helsinki data breach – Report
  • Major trial underway for data leak that left 72,000 victims in France
  • Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
  • HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit
  • US offering $10 million for info on Iranian hackers behind IOControl malware
  • Sompo Japan Insurance submits improvement plan after info leakage
  • Moreno Valley, Calif., Schools Report Data Breach
  • The Growing Cyber Risks from AI — and How Organizations Can Fight Back
  • Credit Control Corporation data allegedly from 9.1 million consumers listed for sale on forum
  • Copilot AI Bug Could Leak Sensitive Data via Email Prompts

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Your household smart products must respect your privacy – including your air fryer
  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation
  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.