Wednesday, February 18, 2009
CVS may have "dumpster leak" of pharmacy info
CVS Pharmacies reached an agreement with the Texas Attorney General regarding proper training of employees and proper information safeguards of prescription information.
Apparently the case occurred when some pharmacy records, including customer identifying information and credit card numbers were dumped behind a Texas store.
However, no cases of actual compromise of customers are known to have occurred.
Pharmacy information would be protected by HIPAA as well as other privacy laws. However, absolute protection is difficult. Prescriptions are often renewed by fax or phone, and often given to relatives of the elderly or infirm.
The KLTV Jacksonville story is here.
I had an incident last year where a CVS store gave me some of someone else's pictures on a photo CD. It's possible that such a situation could compromise another customer's privacy.