• WeirdGoesPro@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    6
    ·
    5 months ago

    I’ve worked in healthcare, and my immediate thought was training. When showing somebody the ropes, you often have to pull up some sort of sample, and if your business hasn’t set up a special account for that, it is often a real random account that is used for show.

    If you aren’t really thinking about it, it is easy to write in a famous name as a random sample, and then accidentally expose that person as a real patient.

    The privacy protections in HIPAA are horrible. Anybody sending a request with a fake letterhead from a hospital is likely to get all the records sent directly to them, no questions asked.

      • WeirdGoesPro@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        No doubt—I’m just saying that medical records get accessed all the time for non-official reasons. Just because someone was in the account doesn’t necessarily imply a smoking gun.

        This year and this account are definitely suspicious though.