kaiserfraud ([info]corphq) wrote,
@ 2006-07-28 10:29:00
Previous Entry  Add to memories!  Tell a Friend  Next Entry
Entry tags:kaiser permanente, kaiser privacy, kaiser tech

Kaiser Spraying Patient Data Around Again
Is there anyone who *doesn't* have Kaiser's patient info at this point? This week Kaiser mailed letters to 160,000 patients to let them know a laptop containing their personal data (phone numbers and Kaiser MRN numbers) had been stolen.

Anyone want to compare the number 160,000 to the way I supposedly endangered the public by pointing out a Kaiser web site that had been online for five years that later turned out to contain the MRNs for around 150 people? Where is the DMHC press release and public order intended to turn anyone who dares mention it into a supervillain? Why isn't Scott Budman of NBC 11 busy splicing news clips together to invent a hacker? Any plans to haul the person who tipped off Wired into court yet?

At least the public has been informed about the laptops. There hasn't been a word in the press about the other Kaiser web site that put patient information online.

Update: I'd like to put this article about Kaiser's desperation in context. When I worked for Kaiser, Covansys contractors were earning $150/hr. for twiddling with HTML, attending department meetings, and taking long walks around Lake Merritt in Oakland. I'm sure the contractors who were working with the hot buzzwords, like J2EE, were making a great deal more. These costs have all been passed on to Kaiser members as they have been used as the justification for huge membership rate increases for the last several years. If Kaiser's demand for "immediate price relief" is met, I doubt those savings will translate into a reduction of membership fees.


(7 comments) - (Post a new comment)

(Screened Post)
Re: Article On Line
[info]corphq
2006-07-28 06:24 pm UTC (link)
Yes - that's my case. It's odd that was just reposted online after over a year.

By the way, even after the DMHC made this public, Kaiser's lawyers continued to try to make it look to the court like I had stolen the information as an employee. They could rely on the fact the Judge just declared a technicality every time I tried to submit something.

(Reply to this) (Parent)
Swell.
[info]fiona64
2006-08-03 04:48 pm UTC (link)
BTW, I just found you; I was reviewing some stuff about the problems I had as a KP employee, and found that you had commented last year during that time. I'm terribly sorry to learn I'm not the only one who was treated like shite by them ... but I'm also not surprised. Ever since they brought in George Halvorson and his gang of thugs, the whole organization has gone to hell. :-(

(Reply to this) (Thread)
Re: Swell.
[info]corphq
2006-08-03 05:21 pm UTC (link)
Hi, Fiona -

Happy to friend you! The level of employee abuse that goes on at Kaiser is unacceptable. I think people who haven't worked there have trouble understanding the situation - they think "aren't employees treated badly everywhere?" In other organizations, though, there are usually checks in the system that keep managers from doing just anything they want. At Kaiser managers can lie, destroy evidence, do a myriad of retaliatory things, and HR will just cover up for them. This is a public issue because this level of corruption and fraud and can make it seem like a matter of "corporate culture" to cover up medical mistakes or mess with inconvenient documentation that relates to members.

Kaiser needs to put some checks in place and limit the level of discretionary power managers now have. I will keep fighting for this as long as I can, and I know at least some of the employees at Kaiser appreciate the effort.

(Reply to this) (Parent)(Thread)
Re: Swell.
[info]fiona64
2006-08-03 09:43 pm UTC (link)
At Kaiser managers can lie, destroy evidence, do a myriad of retaliatory things, and HR will just cover up for them.

That was precisely my experience, in a nutshell. I was fired in retaliation for telling a director of quality that he had no right to stand in my cube, less than a foot from me, and scream in my face. When I filed a complaint against him, HR told me (and this is a quote): "Unless he made a fist and said 'I'm going to hit you,' we don't get involved." I documented the entire incident ... and suddenly HR had no copies of anything. I had cc'd the PIC on the complaint, and his admin assistant told me, on the QT, that they had no intention of doing anything about this man's abusive behavior ... and that she had been directed to *shred* the PIC's copy of my complaint.

If you go into my archives from last year, you'll see a number of incidents discussed. Many of them subsequently were "friends only," but it occurs to me that perhaps they shouldn't have been. People need to know about how KP treats its employees.

BTW, another physician, Dr. Cyrus Safai of KSSF, was fired for telling the state medical board that his complaints about patients dying while awaiting life-saving procedures had gone unheeded. The official reason was "insubordination" ... because Dr. Safai was told *not* to go to the medical board.

This happened right on the heels of my firing, that of three of my colleagues who had also stood up to the bully director in question ... and the subsequent firing of the woman who was brought in to fire *us* so that it wouldn't be provable retaliation. She was, apparently, quite surprised to be escorted off the campus after she'd done all the dirty work.

As my husband put it at the time, "Doesn't she know that the first thing you do after an assassination is get rid of the assassin?"

(Reply to this) (Parent)(Thread)
Re: Swell.
[info]corphq
2006-08-03 10:05 pm UTC (link)
"Unless he made a fist and said 'I'm going to hit you,' we don't get involved."

I've said it ten times before, and I'll say it again: the root of Kaiser's problem is their utterly irresponsible HR. When they cover up for inept and unethical managers, they are implicating the organization as a whole in corruption and fraud.

Kaiser's leadership needs to get this message. They need to understand that this is not business as usual, and they won't be able to get away with papering it over with PR. They need to do something about this problem now.

I'd be happy to collate your old entries into one post. Just send me the links to them: kaiser_scapegoat (at) hotmail.com

Ps. Your husband sounds like a terrific guy. :-)

(Reply to this) (Parent)
Compromised Laptops
(Anonymous)
2006-09-24 05:27 pm UTC (link)
For all of their huffing and puffing regarding patient confidentiality, you will never EVER find Kaiser being proactive in policy when it comes to points of failure. Laptops are a perfect example. Laptops at Kaiser aren't encrypted - they're standard Windows 2000 and Windows XP. These are *easy* to break into. All of these reactions by Kaiser have come after the breech has occurred, not before or during.

We just recently signed a compliance (gotta love that term) paper promising that we'll safegaurd data, change our passwords, blah blah blah. I guess this is a proactive shift-the-blame move on the part of Kaiser, to allow themselves to fire the employee at hand in case another point of failure occurs.

Another example of a proactive policy are thumb drives. Thumb drives are little 1 or 2 gig (or more) plug-in USB drives that allows someone to transport data easily and quickly. These are allowed, and these are a point of failure. How in the hell are you going to control patient day if you don't have a restrictive security policy when it comes to transporting it?

I guess the law suits are worth it.

(Reply to this) (Thread)
Re: Compromised Laptops
[info]corphq
2006-09-25 06:20 pm UTC (link)
One of the big ironies for me is that when I worked for Kaiser I tried very hard to inform the project managers in my department about the vulnerabilities we were creating. I pointed out that physicians were putting copyrighted images on the physician home pages, and I also tried to explain the danger of letting the physicians post too much personal information about themselves (I even did a little data aggregation on the Physician Lead for the project to demonstrate how easy it was). No one would listen to me - I'm not sure if it was because I was impinging on managerial Thought Leadership or if they genuinely thought it was a trivial issue. I'm kind of disappointed no one ever sued Kaiser over the image-swiping.

I just noticed that one of the CA candidates for Governor got in trouble for inconvenient Googling. Luckily for them, the DMHC didn't decide to grandstand at their expense on the vague feeling that all that Googling might be a threat to public safety.

(Reply to this) (Parent)

(7 comments) - (Post a new comment)

Create an Account
Forgot your login or password?
Login w/ OpenID
English • Español • Deutsch • Русский…