Update: Kaiser Permanente patient data exposed online
The company is pointing a finger at a former employee
Computerworld - A disgruntled former employee at Kaiser Permanente, a health maintenance organization in Oakland, Calif., posted a link to a Web site containing the personal information of 140 Kaiser patients -- an effort, she said, to call attention to a potential breach of privacy laws by the company.
The company had sought a restraining order in Alameda County Superior Court against the woman, Elisa D. Cooper, who posted the information on her Web log, according to Kaiser spokesman Matthew Schiffgens. That request was turned down, but another hearing on the matter is set for March 23.
Schiffgens said Cooper, also known as the "Diva of Disgruntled," continued to post the information despite a cease-and-desist request from Kaiser, which learned about her allegations in January from the U.S. Office of Civil Rights -- the enforcement arm under the Health Insurance Portability and Accountability Act. The federal agency began looking into the matter after the woman filed a complaint with it.
The company is investigating whether it had a hand in exposing the data. In the meantime, Cooper has agreed not to further use or publicly disseminate the personal data of Kaiser members on the Internet or elsewhere pending further court action.
According to Schiffgens, the data exposed included contact information such as names, addresses and telephone numbers, as well as medical record numbers that are unique identifiers within Kaiser Permanente. For a very small portion of the HMO's members, some routine lab information was also posted, he said.
Kaiser is now contacting the affected patients while it tries to determine on its own how the patient information became public. Cooper said she stumbled on it while doing a search for information about the company; Schiffgens denied that the data would have been publicly available.
"We're aware of the individual's allegations as to Kaiser Permanente posting this information to the Web," he said. "Our investigations have not been able to determine that, and we continue to investigate how this information came into her possession. What I can say is that Kaiser had a Web site that made various different schematics available so that remote IT people could do their work and see the schematics of the systems they were working on."
Cooper, who described herself in an e-mail message to Computerworld as a former "Web coordinator" for the HMO, claimed that the Web site she found contained diagrams of Kaiser systems, as well as the confidential patient data. In fact, she said she accessed the site using Google.
"I had been trying to dispute my termination, but Kaiser would not allow
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Market Overview: Digital Customer Experience Delivery Platforms Forrester states that businesses today struggle to understand and use the tools necessary to create and manage unified, multichannel digital customer experiences across...
- The Growing Demand for Rich Media This white paper discusses how IBM Customer Experience Suite Rich Media Edition can automate rich media workflows, from collaborating with creative agencies and...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success! All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!