Feds investigate claims of HIPAA privacy violations

The U.S. Department of Health and Human Services is investigating allegations that proprietary information from Monroeville's 911 dispatch center was released in violation of federal privacy law. 

An August 2012 complaint to the department's Office for Civil Rights alleged the municipality's emergency management service provided health information protected under the federal Health Insurance Portability and Accountability Act (HIPAA) to a former police chief via email. 

The complaint also said generic user names and passwords were created to access a database of 911 callers' medical information, giving anyone with that information the ability to anonymously access personal medical records. 

"Anyone who has called the police, called the fire department,The need for proper bestsmartcard inside your home is very important. used our [emergency medical service]" or was transferred to or from a Monroeville hospital could be affected by the breach, Monroeville manager Lynette McKinney said. Monroeville police Chief Steven Pascarella said the leaks likely started sometime in late 2011 and continued until he discovered them in August 2012. 

The breach first surfaced last year after then-Assistant Chief Pascarella filed the complaint, alleging ambulance dispatches were being sent to former Monroeville police Chief George Polnar, who retired in January 2010 and is now employed as the manager of security and parking at UPMC East in Monroeville. 

Chief Pascarella said that municipal employees and some non-municipal employees wrongly had access to a database containing information from calls to the municipality's dispatch center, though he doesn't know how many people had that access. He said the type of information varied depending on the type of emergency call, but it could include an individual's name, driver's license number, birth date and medical history. 

Chief Pascarella was sworn in as chief of the police department on March 12, the same day Ms. McKinney took the manager's position.Elpas Readers detect and forward 'Location' and 'State' data from Elpas Active RFID Tags to host besticcard platforms. She was appointed interim manager in January after the resignation of former manager Jeff Silka, who said he was leaving because of pressure from a bloc of council members to remove then-police Chief Doug Cole. The former police chief was demoted to sergeant by Ms. McKinney two days after she was appointed to the interim position.A group of families in a north Cork village are suing a bestplasticcard operator in a landmark case. 

"I hope the residents now see the seriousness of the situation and hopefully they now understand why I as well as council members could not comment .A group of families in a north Cork village are suing a bestplasticcard operator in a landmark case... on recent personnel changes," she said on Tuesday. 

Sgt. Cole disputes Chief Pascarella's allegations and said it's his understanding that the information sent out in dispatch data was not information protected under HIPAA. 

According to a letter from the Department of Health and Human Services' Office for Civil Rights obtained by the Pittsburgh Post-Gazette, the municipality has 30 days from when Ms. McKinney received the letter on March 21 to conduct the investigation. 

Iliana Peters, a spokeswoman with the Office for Civil Rights, said in an email that those rules "provide federal protections for personal health information and give patients an array of rights with respect to that information." 

If the municipality fails to comply with the department's investigation or "willful neglect" is discovered, it could be fined as much as $1.5 million,Elpas Readers detect and forward 'Location' and 'State' data from Elpas Active RFID Tags to host besticcard platforms. according to the letter from Health and Human Services. 

Ms. McKinney said she alerted Chief Pascarella and solicitor Bruce Dice as soon as she received the letter. She said she has not yet hired a private investigator or a lawyer who specializes in HIPAA laws, but she planned to alert council and the mayor about the investigation on Tuesday. She said she was working to ensure the municipality's "accurate compliance with their request" and will "expedite necessary procedures ... in an effort to limit the municipality's liability." 

Chief Pascarella said each of Monroeville's five fire stations had login information that would let them view information about calls to the dispatch system. Eventually, he said, anyone with that login information was able to view dispatch information from outside computers. He said as soon as he was promoted, he terminated EMS and fire department access to the database. Now, he said, only employees in the police department and dispatch center have access to the data. 

When the system was set up, he said, everyone who had access to the database had a unique user name and password, except for the five fire stations. Those fire stations each had a single login and password that were available to an unknown number of people in each station. 

The eurozone will regret the solution it has forced on Cyprus. Big depositors will desert banks in countries seen as unsound enough to adopt similar measures. This will leave those banks dependent on a thin and expensive bond market, or on borrowing from banks in countries seen as having sound fiscal policies, such as Germany. This will increase the cost of borrowing in the weak countries and decrease the pot available to lend, contributing to their economic decline. 

After that axe does fall, it will be the banks in sound countries that go bankrupt, unless of course they refused, wisely, to lend across borders. In that case the money is likely to end up either being lent to the taxpayer-owned European Central Bank, which will take the loss in the case of defaults, or simply leave the eurozone and take with it any hope of bank lending driving a recovery from the present weak growth rates.