Montefiore reports data stolen from 12,000 patients
A Montefiore Medical Center employee in New York stole names, addresses, dates of birth, Social Security numbers, next of kin information and health insurance details of more than 12,000 patients and used those identities to purchase clothing and other merchandise from some of New York’s finest department stores. The employee printed thousands of patients’ records every day and sold them for $3 per copy to outside accomplices. The hospital had no way of preventing or controlling this activity. The employee and her accomplices are under arrest, but the hospital may face charges for violating HIPAA and patient privacy laws. If you are in healthcare, you need to protect printed PHI and other sensitive information from easily leaving your premises.