I was released from my position after running an audit of network security. I have filed a complaint with the Department of Health and Human Services for HIPAA violation.
October 18, 2006 (Press Release) --
For: Immediate Release
On July 19, 2006, I was terminated without just cause from my employment as the Network Administrator for Stone Belt Arc, Inc. Stone Belt is a Bloomington, Indiana based not-for-profit rehabilitation facility for persons with developmental disabilities, whose goal is to help these individuals to participate fully in the community.
Because of the nature of the electronic personal medical information kept on the consumers of Stone Belt, Stone Belt is required to follow the standards of privacy for individually identifiable health information and the security standards for the protection of electronic protected health information as dictated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The standards specify a series of administrative, technical and physical security procedures for covered entities to use in order to assure the confidentiality of the electronic protected health information.
A few days prior to this occurrence, I ran an security audit that showed, without a doubt, the lack of data security that Stone Belt’s network had, and, most likely, still has. For attempting to convince my employers that Stone Belt needed to comply with the HIPAA security standards, I was terminated.
After several attempts failed to convince Stone Belt to fix the security risks identified before my termination, I filed a formal complaint with the United States Department of Health and Human Services - Office for Civil Rights. Due to my formal complaint, this matter is currently under investigation by the United States Department of Health and Human Services.
I have created this website (www.stonebeltprivacy.com) in order to bring the lack of network security of Stone Belt’s computer network, which houses the protected health information of the consumers of Stone Belt, to the attention of the consumers and/or their guardians.
It is my opinion that the consumers and/or their guardians should take the time to investigate this lack of security and, if they feel that their personal health information that has been collected and stored by Stone Belt is in anyway being jeopardized by this lack of security, then they should take the opportunity to follow one of the many links located on this website in order to file a complaint with the United States Department of Health and Human Services - Office for Civil Rights. It is up to each of the consumers and/or their guardians to make sure that the safety of the consumers, especially as they are prime targets for identity theft, is upheld.
If you have any questions, I can be reached via the contact form on the website.
On July 19, 2006, I was terminated without just cause from my employment as the Network Administrator for Stone Belt Arc, Inc. Stone Belt is a Bloomington, Indiana based not-for-profit rehabilitation facility for persons with developmental disabilities, whose goal is to help these individuals to participate fully in the community.
Because of the nature of the electronic personal medical information kept on the consumers of Stone Belt, Stone Belt is required to follow the standards of privacy for individually identifiable health information and the security standards for the protection of electronic protected health information as dictated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The standards specify a series of administrative, technical and physical security procedures for covered entities to use in order to assure the confidentiality of the electronic protected health information.
A few days prior to this occurrence, I ran an security audit that showed, without a doubt, the lack of data security that Stone Belt’s network had, and, most likely, still has. For attempting to convince my employers that Stone Belt needed to comply with the HIPAA security standards, I was terminated.
After several attempts failed to convince Stone Belt to fix the security risks identified before my termination, I filed a formal complaint with the United States Department of Health and Human Services - Office for Civil Rights. Due to my formal complaint, this matter is currently under investigation by the United States Department of Health and Human Services.
I have created this website (www.stonebeltprivacy.com) in order to bring the lack of network security of Stone Belt’s computer network, which houses the protected health information of the consumers of Stone Belt, to the attention of the consumers and/or their guardians.
It is my opinion that the consumers and/or their guardians should take the time to investigate this lack of security and, if they feel that their personal health information that has been collected and stored by Stone Belt is in anyway being jeopardized by this lack of security, then they should take the opportunity to follow one of the many links located on this website in order to file a complaint with the United States Department of Health and Human Services - Office for Civil Rights. It is up to each of the consumers and/or their guardians to make sure that the safety of the consumers, especially as they are prime targets for identity theft, is upheld.
If you have any questions, I can be reached via the contact form on the website.
Email
Print
SPAM
LEAVE A COMMENT
