4_April Fools

This is one best-of list you don’t want to be on.

In honor of April Fool’s Day, here are our top five April fools—the people, criminals, and organizations responsible for the dumbest data breach and identity theft incidents on record. We couldn’t make this stuff up.

5. Health care providers should be commended for the steps they’ve taken to safeguard patient records. But they clearly have miles to go. A recent Ponemon report found that 81 percent of all health care organizations allow their employees to use smartphones at work to access patient records, email, and other web- and cloud-based services. This is a terrible habit. Especially considering that…

4. …three out of the 10 largest health care data breaches in 2012 involved health care employees downloading, emailing, or otherwise accessing patient information, according to Healthcare IT News. Six of those breaches last year involved the theft of an unencrypted laptop belonging to a hospital.

3. In March, Samaritan Hospital in Troy, N.Y., disclosed that a member of its nursing staff had improperly accessed patient records. This would be a shining example of corporate accountability if the episode hadn’t occurred in November 2011. The hospital’s parent company, St. Peter’s Health Partners, had not yet completed the consumer notification process spelled out in federal guidelines. But a spokeswoman for the St. Peter’s told the Troy Record that the local sheriff asked them to hold off on notification. And “if a law enforcement agency asks to delay notification so as not to impede an investigation of a potentially criminal nature, we have to comply.”

2. A 26-year-old woman stole a Colorado waitress’s wallet, then used the victim’s driver’s license to buy a cocktail from the victim herself. Yes, it’s pretty bad to hand a stolen ID to the person you stole it from, whose picture is on the card. But read that first sentence again: The thief was 26. Why did she need a fake ID in the first place?

1. And the winner is…the unlucky thief who got hold of credit card account information belonging to U.S. Supreme Court Chief Justice John Roberts. According to the Washington Post, Roberts paid cash at a Starbucks near his Maryland home last week, though he usually uses a credit card there. Why the change in protocol? His credit card had been compromised, he told the cashier, so he had to cancel it. Let’s hope he has good identity theft coverage. And a word of advice to the thief: Don’t appeal your case all the way to the nation’s highest court.

Leave a Reply