The excerpt below is from the LA Times article Vast cashe of Kaiser patient details was kept in private home by Chad Terhune. This shows both the negligence of Kaiser in caring for their patients, but also the lack of privacy and security that is frequently found in electronic health records.
“Federal and state officials are investigating whether healthcare giant Kaiser Permanente violated patient privacy in its work with an Indio couple who stored nearly 300,000 confidential hospital records for the company.
The California Department of Public Health has already determined that Kaiser “failed to safeguard all patients’ medical records” at one Southern California hospital by giving files to Stephan and Liza Dean for about seven months without a contract. The couple’s document storage firm kept those patient records at a warehouse in Indio that they shared with another man’s party rental business and his Ford Mustang until 2010.
Until this week, the Deans also had emails from Kaiser and other files listing thousands of patients’ names, Social Security numbers, dates of birth and treatment information stored on their home computers.
The state agency said it was awaiting more information from Kaiser on its “plan of correction” before considering any penalties.
Officials at the U.S. Department of Health and Human Services began looking into Kaiser’s conduct last year after receiving a complaint from the Deans about the healthcare provider’s handling of patient data, letters from the agency show. Kaiser said it hadn’t been contacted by federal regulators, and a Health and Human Services spokesman declined to comment.”