Lawsuit filed against Elgin clinic over P2P breach

Steven Ross Johnson reports on a lawsuit involving P2P filesharing and patient data:

Officials from a local medical clinic remained silent Monday about claims they allowed sensitive information on AIDS patients to be leaked.

Calls to the Open Door Clinic of Greater Elgin, 164 Division St., were not returned Monday. The allegations, made in a lawsuit filed last week in 16th Judicial Circuit Court in Geneva by five AIDS patients, claimed the clinic failed to secure personal information, including their HIV/AIDS status, that was made available to the public.

[…]

According to the complaint, a staff computer with a client list of more than 200 patients was accessed and became public domain because the computer had a file-sharing, peer-to-peer program installed — the same type used for popular music downloading sites such as Napster.

Once the information was made public, it was “…searched, accessed, downloaded and re-shared by various P2P file sharing users throughout the world from May 26, 2008, through the present,” according to the complaint.

In at least two cases, information later was stolen and used to commit identity fraud, the complaint says.

One of those who allegedly downloaded the list, according to the complaint, was a known identity thief from Apache Junction, Ariz., who continued to re-share the information on other file-sharing networks.

Read more in The Courier-News.

Update: A copy of the complaint can be found here.

About the author: Dissent

Comments are closed.