By

Over the past few days the server on which the “California Political News and Views—California Political Review” is on was hacked and closed for three days. Last night I found out it was not just our site hacked with a “denial of service attack” but tens of thousands of sites forced to close. We do not know who did it or if they will be punished. In California, Kaiser-Permanente has had a string of database violations, causing many patients, myself included, to have our medical records exposed. In fact KP is one of the major database violators—and nothing had been done to stop it or punish them. “Kaiser Permanente operates multiple hospitals throughout California and has experienced firsthand the different approaches taken by the Department of Public Health’s various offices. Two Kaiser facilities — the South Sacramento hospital on Bruceville Road and the Sacramento hospital on Morse Avenue — ranked first and second for citations in Sacramento County, with 17 and 13. Meanwhile, Kaiser’s flagship in L.A. has had none, although it has reported privacy breaches to the state, a spokeswoman confirmed. “We can’t speculate how this information is recorded or reported by the state, but we can tell you that we comply with all federal and state reporting requirements,” Vanessa Benavides, Kaiser Permanente’s chief compliance and privacy officer, said in a statement.” Think your medical records are secure? Then you think Obama knows how to tell the truth. ObamaCare mandates that all medical records be on the Internet—Barack wants to assure all Americans are eligible to have their privacy invaded and open them up to blackmail—thanks Mr. President.

Alexander Nguyen, Fair Oak Patch, 1/2/16



Your health information is supposed to remain private — it’s the law. But according to a report by ProPublica, some of the biggest names in the health industry are repeat offenders of Health Insurance Portability and Accountability Act, including California-based Kaiser Permanente.

And it’s not just massive breaches of data that resulted in a violation. It could be something as simple as mailing someone the wrong test results or yelling one’s medical information across the pharmacy.

If you’ve ever been to a doctor’s office, a dentist’s office or had your prescription filled, you have no doubt heard of the HIPAA. It’s a federal law that protects for medical information from being shared with those who don’t have a need to see it.

But according to the an investigation by ProPublica, Kaiser Permanente, among others, repeatedly violated patients’ privacy with little repercussions.

The report shows Kaiser receiving 146 HIPAA complaints in the last four years.

Kaiser said it’s fully committed to protecting patient’s information and continually working to improve. In statement to Patch, Kaiser said:

We work to foster a culture of compliance that protects information, including that of members, patients, employees, physicians, and other information confidential to our business. Specifically around member and patient information protection, we conduct education, training and awareness programs that are required for our employees and physicians, so they understand the imperative of following the law, and the potential impact that failing to do so can have on patients, and on their employment.

While it is unrealistic to expect zero violations from health providers. There are always some inadvertent sharing of information or rogue employees, but the numbers of repeat offenses have experts worried.

“It may be true that you can’t get down to zero, but you need to make a really good faith effort to follow up on the complaints that were filed,” Mark Rothstein, chair of law and medicine and the founding director of the Institute for Bioethics, Health Policy and Law at the University of Louisville School of Medicine, to ProPublica.

An official for the Office for Civil Rights, the agency tasked with enforcing the law and doling out punishments, told ProPublica the agency’s top priority has been dealing with large breaches, where 500 or more people are affected. Small repeat violations are investigated but not necessarily punished.