Medical EthicsPolicy & Law

IRS Facing a Lawsuit over HIPAA Violations

2 Mins read

ImageThe IRS is facing a lawsuit over HIPAA violations considered to be a data breach of ten million records with unauthorized seizure. The class action lawsuit does not name the individual company and called it “the John Doe Company” who filed the case.  The IRS is being accused of not being helpful regarding supplying information and the lawsuit is looking for $25,000 per individual compensation.

ImageThe IRS is facing a lawsuit over HIPAA violations considered to be a data breach of ten million records with unauthorized seizure. The class action lawsuit does not name the individual company and called it “the John Doe Company” who filed the case.  The IRS is being accused of not being helpful regarding supplying information and the lawsuit is looking for $25,000 per individual compensation.

The covered entity, called John Doe Company, states that the IRS agents stole more than 60,000,000 medical records of more than 10,000,000 Americans, including at least 1,000,000 Californians.

The agents for the IRS allegedly conducted the unlawful search and seizure in 2011 in Southern California.

From the press release:“No search warrant authorized the seizure of these records; no subpoena authorized the seizure of these records; none of the 10,000,000 Americans were under any kind of known criminal or civil investigation and their medical records had no relevance whatsoever to the IRS search. IT personnel at the scene, a HIPPA [sic: recte HIPAA] facility warning on the building and the IT portion of the searched premises, and the company executives each warned the IRS agents of these privileged records. The IRS agents ignored and discarded each of these warnings, ignored their own published and public-reliant rules and governing ethical requirements, and ignored the limitations of the court’s search warrant authorization, seizing the records under threat of destroying company property”

Not too long ago, I suggested that HIPAA rules should be expanded and combined with other privacy laws to make areas of conflict or duplication clear. It would be helpful to have all privacy and security related information aggregated so it could be accessed in one place. This is a huge problem, and not just in healthcare. I would guess that there are many HIPAA covered entities that may not be aware they are such and they could be operating under other privacy or security entities at the same time.

The lawsuit alleges that the IRS violated the 4th amendment, that there was no reason for them to access the records, and no search warrant was requested. The records are said to include the personal health records of all of the California state judges as well. This certainly is making more of a case for digital laws in the U.S.

http://healthitsecurity.com/2013/03/14/irs-facing-class-action-suit-for-medical-record-breach/

images: medical records/shutterstock

Related posts
Global HealthcarePolicy & Law

Do HMOs Deserve A Bad Reputation? The Truth Of Managed Healthcare

3 Mins read
Have you ever heard people say that HMO health insurance is no good? It’s no secret that HMOs have a bad reputation,…
Policy & Law

Top 4 Important Things To Understand About Insurance

2 Mins read
When it comes to Medicare, the enrollment process can be a little tricky. That’s why it’s important to understand the relevant health…
Health carePolicy & Law

Elmiron Controversy Highlights Need For Longterm Clinical Drug Testing

4 Mins read
Elmiron has recently been the subject of a number of lawsuits brought about over claims that the drug causes vision problems and may lead…