FBI, hospital in talks over leak of patient records

Tiffany Brown

University Medical Center, which is Clark County’s only publicly funded hospital.

By Richard A. Serrano (contact)

Friday, Nov. 20, 2009 | 5:01 p.m.

Hospital privacy leak could harm patients (11-20-09)

Accident patients who have been treated at UMC and contacted by legal representatives are invited to contact reporter Marshall Allen at 259-2330 or marshall.allen@lasvegassun.com.

More Sun health coverage

U.S. Department of Health & Human Services: Health Information Privacy
University Medical Center of Southern Nevada

The FBI said Friday that it has begun "evaluating" the unauthorized release of confidential patient records after officials at University Medical Center met with them in an attempt to determine how the materials have been compromised.

"We have been contacted by UMC and they have provided us information regarding it," said FBI Special Agent Joseph Dickey. "And we are evaluating it. I can acknowledge that we are discussing it."

Dickey said he could not confirm whether the FBI had officially opened an investigation into the matter, which arose after allegations in The Sun on Friday detailed how private patient information from UMC had been leaking for months, allegedly in order to help lawyers find new clients.

But the FBI official stressed that federal investigators are taking the matter seriously in that it appears to violate the federal Health Insurance Portability and Accountability Act, better known as HIPPA. That law was set up to guard patient privacy.

"The allegations seem to be very serious," Dickey said. "Absolutely, they are serious, on a number of fronts. There could be multiple federal laws that are violated."

He added that this is the first time he has seen such a potential violation in Las Vegas.

It is believed that someone at UMC is selling a collection of the records from daily hospital registration forms for patients injured in accidents. Hospital officials told the Sun that they have known of the "rumors" for months but doubted their veracity until shown copies of the materials by the newspaper.

Discussion: 7 comments so far…

Comments are moderated by Las Vegas Sun editors. Our goal is not to limit the discussion, but rather to elevate it. Comments should be relevant and contain no abusive language. Comments that are off-topic, vulgar, profane or include personal attacks will be removed. Full comments policy.

By CynicalObserver

Nov. 20, 2009

8:28 p.m.

Suggest removal

I am happy that the FBI is involved in this issue. Under the famous "honest services law" the FBI can request prosecution, in Federal Court, for all sorts of chicanery. All of our esteemed ex-County Commissioners who did time in the Federal slam were prosecuted under that law. It's the same law being used to prosecute former Illinois Governor Rod Blagojevich for trying to gain a benefit for himself in exercising his power to appoint someone to President Obama's seat in the Senate.

As a result, this case seems pretty elementary to me. You check into UMC expecting to receive medical care, and among the mountain of papers they make you sign is their disclosure of how they comply with the Federal medical privacy law. As a result, someone who uses UMC's medical records, obtained in violation of that law, commits an honest services law. Thus, it is a Federal crime, even if violation of the medical privacy law isn't a crime in and of itself.

I wonder how far this prosecution can go, starting with the person(s) who pull the information off the UMC computer, to the first people who buy it, to the people the information is sold to, to the lawyers who magically get cases for plaintiffs who don't know these lawyers from Adam. Is that the sound of law firm shredders I hear running tonight?

The computer nerds in my family think that it is possible for someone to have hacked into UMC's computer system, to get this information, without their being employed by UMC. This is a great case for the FBI to handle, because it's cyber crime involving the use of interstate commerce tools, i.e. the telephone companies.

Somehow, I have a sense that this "discovery" ties into the concept of the "Medical Mafia" cases which the U.S. Attorney is already prosecuting.

Very cool.

Now, if the investigation of Kathy Silver's conduct could include the quesion of why UMC patient rooms are not cleaned every day, that would be good too. I suspect there is a Federal law or hospital regulation requiring that too. That seems like another "honest services" crime. While investigations are being made about Kathy Silver's management style, someone should also be looking at the nosocomial infection rate.
By plainjane

Nov. 22, 2009

2:34 p.m.

Suggest removal

It's HIPAA, not HIPPA.
By ruinedsoul

Nov. 23, 2009

10:56 a.m.

Suggest removal

Isn't this the SECOND scam under Valentines watch at UMC? Just wondering why the Feds don't check on her. We are tired of how UMC is run. Lacy, Silver...whomever. Its all leads back to Valentine and her obvious inept in management of the institution.
By zombiedata

Nov. 23, 2009

2:23 p.m.

Suggest removal

anyone look into a company called "LDG?" (Litigation Document Group). they scan people's medical records and they are a litigation support company. Maybe someone is scanning them for UMC and then handing them over to the lawyers that they do business with?