Comments (11) | Add a comment
FBI probing UMC data leaks
Tools
LAS VEGAS REVIEW-JOURNAL
Updated: Apr. 10, 2012 | 10:01 a.m.
The FBI is investigating claims that sensitive patient information was leaked from University Medical Center, violating federal privacy laws.
Hospital officials suspect at least one employee sold documents with confidential data about accident victims to local attorneys who could use it to solicit business from these patients.
"We're trying to find out how widespread it is," hospital spokesman Rick Plummer said, noting that the FBI investigation began Friday morning. "It goes against everything we stand for. Whatever attorney's office this went to should be very nervous."
Those who flout the federal Health Insurance Portability and Accountability Act, also known as HIPAA, face a possible $250,000 fine and 10 years in prison for each offense.
The State Bar of Nevada has received no complaints about attorneys inappropriately receiving or using UMC patient information, spokesman Phil Pattee said.
But Pattee said a combination of ethics rules prohibits lawyers from engaging in the kind of activity alleged in the UMC case.
"Essentially you cannot give nonlawyers anything of value for referring a client to you," he said.
While lawyers are allowed to advertise, they are not allowed to solicit business directly from prospective clients, although there are exceptions, Pattee said.
Because federal laws might have been broken, local authorities probably won't get involved, said Bill Cassell, a spokesman for the Metropolitan Police Department.
The U.S. Attorney's office will handle the case if an arrest is made, according to an official in the district attorney's office.
Daniel Bogden, the U.S. attorney for Nevada, said he could neither confirm nor deny that a matter is under investigation.
But he said he is not aware of any past federal prosecutions in Nevada involving HIPAA violations.
UMC is a county hospital with a trauma center that handles a high volume of patients who have been in car wrecks.
An unnamed tipster showed a Las Vegas Sun reporter "face sheets" containing personal data on accident victims, including birth dates, Social Security numbers and injuries, Plummer confirmed. The newspaper informed the hospital's chief executive Kathy Silver, who said she had heard rumors about leaks months before.
Silver declined to comment Friday.
Clark County Commissioner Rory Reid said he told both Silver and the county manager to launch an investigation. The hospital must prevent further breaches of privacy and notify the patients whose personal information was disclosed, Reid said. The county also should do an internal audit to help pinpoint the leaks, he said.
This is the latest blow to a hospital struggling to improve its finances and image. UMC's deficit ballooned to more than $80 million this year and is expected to remain deep in the red next year.
Lacy Thomas, the hospital's former chief executive, was fired nearly three years ago amid allegations that he mismanaged funds and funneled lucrative contracts to Chicago friends who did no work in return.
Commissioner Lawrence Weekly, who sits on UMC's board of trustees, said he was upset that the hospital suffered a setback in regaining the public's trust. The leaks unfairly blemish the hospital employees who are honest and dedicated to helping patients, he said.
"It's frustrating and it's disheartening," Weekly said. "This kind of nonsense is unacceptable."
Review-Journal writer Carri Geer Thevenot contributed to this report. Contact reporter Scott Wyland at swyland@reviewjournal.com or 702-455-4519.
Trending topics:
Comments
Terms & Conditions
The following comments are provided by readers and are the sole responsiblity of the authors. The Review-Journal does not review comments before publication nor guarantee their accuracy. By publishing a comment here you agree to abide by the comment policy. If you see a comment that violates the policy, please use the Report Abuse button.
Some comments may not display immediately due to an automatic filter. These comments will be reviewed within 24 hours. Please do not submit a comment more than once.
Note: Comments made by reporters and editors of the Las Vegas Review-Journal are presented with a yellow background.
RSS
Twitter
Facebook
Given PIO Cassels stated LVMPD won't do anything, District Attorney David Roger has the authority and jurisdiction to charge and prosecute criminals.
This needs to be done to protect Clark County. The patients that were involved in car accidents and transported to UMC have probable cause their medical information was disseminated without their knowledge. This cause exists whether the evidence is produced or not.
Damages will have to be proven, but a sympathetic judge can award up to $70,000 in economic damages and an unlimited amount in non-economic damages.
DA Roger needs to protect the taxpayers should the Clark County liability carriers begin to pay out as they are in catastrophic claims already.
Pathetic. Weekly didn't know it was illegal, and sat on this for two weeks? Kathy Silver was notified in early summer. What the heck is going on with the county and UMC.
This place is a cess-pool of fraud and corruption. It is time the county looks at a total overhaul or maybe selling the place to a private operator. That would limit our losses and protect patients.
It simply cannot continue on this path. The hospital is bleeding money and now this. We need to get a handle on UMC and what is going on..
What this article fails to state is the period of time the confidential information was being sold. Was it in the past three years, or was it just one more of the corrupt money making deals that was going on under the reign of Lacy Thomas?