Privacy breaches in VA health records wound veterans

Privacy breaches in VA health records wound veterans
The Pittsburgh Tribune-Review
By Carl Prine
Published: October 13, 2013

Karen Santoro heard co-workers chattering about her psychological care in 2010.

An Air Force veteran and surgical services scheduler at the Veterans Affairs Pittsburgh hospital in Oakland, Santoro asked officials with the VA and the Department of Health and Human Services to investigate the source of the gossip. It seemed to violate the federal Health Insurance Portability and Accountability Act, or HIPAA, that prohibits release of medical information.

Advised by her physician, Santoro begged her bosses to transfer her or let her work from home until investigators finished their work. They refused. She resigned in mid-2011, disgusted with VA's disregard of privacy laws. She is convinced that officials were retaliating against her and concerned by “inaction” by Health and Human Services, which enforces HIPAA at all health care facilities.

“It's unconscionable that the very people who defend the rights of the American people don't have those rights at VA,” said Santoro, 46, of Pittsburgh's South Side. “... We must fight back and change the system because we deserve a better one.”

A two-month Tribune-Review investigation found VA workers or contractors committed 14,215 privacy violations at 167 facilities from 2010 through May 31, victimizing at least 101,018 veterans and 551 VA employees. Photos of the anatomy of some were posted on social media; stolen IDs of others were used to make fraudulent credit cards.
read more here