• Home
• Topics
  • Business and Finance
  • Chronic Disease Care
  • Consumer Information
  • Data Standards
  • EHRs and PHRs
  • Global Health
  • Health Plans
  • Hospitals
  • Meaningful Use
  • Mobile Health
  • ONC
  • Patient Safety
  • Physician Practices
  • Policy
  • Privacy and Security
  • Public Health
  • Telehealth
• Perspectives
  • Current Perspectives
  • Perspectives Archive
• Features
  • Current Feature
  • Features Archive
• Data Points
  • Current Data Point
  • Data Point Archive
• Special Reports
• Most Popular
  • Most Viewed
  • Most Emailed
  • Most Commented

EVENTS

View All Events

FROM THE FOUNDATION

Patient Health Data, Understood

Most patient health records today are hard for consumers to understand. CHCF asked high-end designers what a "human-centered" approach might look like.

The Health Datapalooza

Register now for the June 5-6 HDI Forum III in Washington, DC, on health innovation that will include renowned speakers, breakout sessions, and an apps expo replete with demos, developers, and designers.

A veteran and a military family have filed a class-action lawsuit against the Department of Defense, seeking $4.9 billion in damages from a recent data breach affecting 4.9 million beneficiaries of TRICARE, NextGov reports (Brewin, NextGov, 10/13).

TRICARE provides health benefits for military personnel, retirees and their families.

Background on Data Breach

Science Applications International Corporation -- the DOD contractor responsible for the breach -- said the incident involved the loss of backup computer tapes from an electronic health record system. SAIC reported the breach on Sept. 14.

The tapes contained data on TRICARE beneficiaries who received care at military facilities between 1992 and Sept. 7. Affected beneficiaries are residents of TRICARE's southern region.

According to officials, the patient data on the magnetic tapes include:

• Addresses;
• Personal health information;
• Phone numbers; and
• Social Security numbers (iHealthBeat, 9/29).

Details of Lawsuit

The suit, filed in the U.S. District Court for the District of Columbia, seeks $1,000 in damages for each affected beneficiary, no-cost credit monitoring and an order prohibiting TRICARE from moving records off government property unless they are fully encrypted.

The plaintiffs allege that TRICARE failed to take the necessary precautions to protect patients' privacy, noting that the data stored on the stolen computer tape were "unprotected, easily copied" and that TRICARE "inexplicably failed to encrypt the information."

The lawsuit argues TRICARE "compounded its dereliction of duty by authorizing an untrained or improperly trained individual to take the highly confidential information off of government premises and to leave unencrypted information in an unguarded car."

SAIC was not named as a defendant in the case.

Although TRICARE downplayed the likelihood of someone being able to access the information on the stolen tape when announcing the data breach last month, the plaintiffs argued that "personal information on the computer tape could be retrieved by the name of an individual or by an identifying number, symbol or other identifying data assigned to an individual."

TRICARE declined to comment on the lawsuit (NextGov, 10/13).

• Print
• Email
• Share
  • Facebook
  • Twitter
  • LinkedIn
  • Digg

RELATED STORIES

09/29/2011

Data Breach Could Affect up to 4.9M Beneficiaries of TRICARE

10/06/2011

'Chain of Events' Led to Patient Data Breach at Stanford Hospital

09/28/2011

Laptop Theft Exposes Data on 16,000 Patients in Minnesota

09/07/2011

OCR: More Than 30K Health Data Breaches Recorded Since 2009

MOST POPULAR ARTICLES

• 
• 
•