<html>
<body>
<font size=3>I will wholeheartedly agree, but due to the lack of HIPPA
enforcement, this is barking at the moon, unless you can obtain enough
information, (which is kept away from victims) to allow a civil action to
go forward.<br><br>
At 12:13 7/18/2006, you wrote:<br>
<blockquote type=cite class=cite cite="">The ambulance company probably
has a business associate agreement with one or more health care
providers, so they are probably a covered entity under HIPAA. What is
disturbing about these cases where medical information is specifically
targeted is that the folks making the breach notifications are not giving
consumers proper warnings about the medical aspects of identity theft.
For example, these breach victims should be specifically checking their
insurance company payouts even more than their credit report.<br><br>
We published a report on medical identity theft in May, and have just
published a detailed FAQ for victims. The harms for medical identity
theft can be profound and challenging for victims to uncover and resolve:
<<a href="http://www.worldprivacyforum.org/medicalidentitytheft.html" eudora="autourl">
http://www.worldprivacyforum.org/medicalidentitytheft.html</a>>.<br>
<br>
--Pam Dixon<br><br>
<br><br>
On Jul 17, 2006, at 6:49 PM, blitz wrote:<br><br>
<blockquote type=cite class=cite cite="">In their position, this is prob
a violation of patients HIPPA rights.<br>
HOWEVER, the organization in charge of enforcing HIPPA complaints,
has yet to undertake a single enforcement action. Wonder why? It's full
of self-protecting doctors, insurance-scum and is protecting their own
backsides of course.<br>
HIPPA is worthless!<br><br>
<br>
At 19:34 7/17/2006, you wrote:<br><br>
<blockquote type=cite class=cite cite="">(From June, but not yet
mentioned on this list. Courtesy Beth Givens<br>
and Privacy Rights Clearinghouse):<br><br>
<a href="http://www.fayettevillenc.com/article?id=235733" eudora="autourl">
http://www.fayettevillenc.com/article?id=235733</a><br><br>
Published on Wednesday, June 21, 2006<br><br>
By Nancy McCleary<br>
Staff writer<br><br>
A portable computer containing the personal information of more
than<br>
24,000 people was stolen from a Cumberland County ambulance June
8.<br><br>
The computer contained the information of 24,350 people treated in
the<br>
past year by Cumberland County Emergency Medical Services.<br><br>
Cape Fear Valley Health System, which operates the EMS, has
notified the<br>
N.C. Attorney General.s Office and mailed letters to the affected
people,<br>
urging them to monitor bank and credit card accounts, said Clinton
Weaver,<br>
a spokesman for the health system.<br><br>
"We're treating this incident seriously," he said.
"We know the importance<br>
of patient confidentiality, and we're looking at ways to prevent
this in<br>
the future."<br><br>
[...]<br><br>
_______________________________________________<br>
Dataloss Mailing List (dataloss@attrition.org)<br>
<a href="http://attrition.org/errata/dataloss/" eudora="autourl">
http://attrition.org/errata/dataloss/</a></blockquote>-- <br>
This message has been scanned for viruses and<br>
dangerous content by MailScanner, and is<br>
believed to be clean._______________________________________________<br>
Dataloss Mailing List (dataloss@attrition.org)<br>
<a href="http://attrition.org/errata/dataloss/" eudora="autourl">
http://attrition.org/errata/dataloss/</a><br>
</blockquote><br><br>
</font></blockquote></body>
<br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</html>