Patients receive fraudulent HIPAA notification letter from medical group

Staff -

After several patients received HIPAA notification letters from what appeared to be Buffalo (N.Y.) Medical Group, the medical group says the allegations — and the letter itself — are unfounded and fraudulent, reports WKBW.

A patient shared the alleged HIPAA notification letter with WKBW, which appears to be on letterhead stationary from the medical group. Three anonymous employees claim to be the authors of the letter.

The letter alleges a nurse in BMG's dermatology clinic was sharing protected health information of patients with her former boyfriend, who notified officials at BMG. The letter claims the BMG officials did nothing about the breached information.

"Therefore, we, a group of 3 employees are contacting all the patients whose information was intentionally and deliberately leaked to 3rd parties," reads the letter. "We are making this last ditch attempt to stop this nefarious behavior by [name redacted] and anyone else working for BMG."

Notably, the letter sent to patients misspells the HIPAA acronym, writing it instead as HIPPA.  

Buffalo Medical Group launched an investigation into the incident and determined the letter was not written by an employee.

"The letter was fabricated and widely distributed for the sole purpose of harassing the individuals named in the letter, and that the motives of the author are wholly unrelated to the professional conduct of the Buffalo Medical Group or its employees," the medical group said in a statement to WKBW. "We are working with our advisors to take appropriate legal action against the responsible party."

More articles on HIPAA:

Not-so-sensitive data: The case for unprotected health information
Court imposes $2.2M fine on NewYork-Presbyterian for allowing filming without patient consent
Raleigh Orthopaedic Clinic to pay $750,000 to settle HIPAA violation

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.