I’ve worked in healthcare, and my immediate thought was training. When showing somebody the ropes, you often have to pull up some sort of sample, and if your business hasn’t set up a special account for that, it is often a real random account that is used for show.
If you aren’t really thinking about it, it is easy to write in a famous name as a random sample, and then accidentally expose that person as a real patient.
The privacy protections in HIPAA are horrible. Anybody sending a request with a fake letterhead from a hospital is likely to get all the records sent directly to them, no questions asked.
I’ve worked in healthcare, and my immediate thought was training. When showing somebody the ropes, you often have to pull up some sort of sample, and if your business hasn’t set up a special account for that, it is often a real random account that is used for show.
If you aren’t really thinking about it, it is easy to write in a famous name as a random sample, and then accidentally expose that person as a real patient.
The privacy protections in HIPAA are horrible. Anybody sending a request with a fake letterhead from a hospital is likely to get all the records sent directly to them, no questions asked.