Documenting all the places
personal data goes.
Legend: 
with your name,
without your name.
Click on a circle above for names of organizations and details of data shared.
Law and Justice includes law enforcement, the judiciary, and other organizations related to enforcing the laws and trying and housing those who break them. Inmates in prisons are treated in the prison system and their medical conditions are recorded. Law enforcement can get a warrant to access to private medical information.
Examples
Florida Dept. Of Corrections purchases statewide personal hospital discharge data from at least FL [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard. | A Womans Place had a data breach in 2010, in Alaska. An ACLU lawsuit claims that police acted inappropriately during a raid of A Womans Place clinic. The lawsuit claims that police not only confiscated around 400 medical records, but read them and revealed sensitive medical information about patients to outside parties.UPDATE (12/28/2012): ACLU is asking that the records be returned. The police were investigating the clinic because its owner is accused of billing state Medicaid program for services to 37 patients after having her license suspended. Seven pharmacies billed Medicaid for prescriptions she had written after the owners prescription authority was also suspended. [source]. | |
Maine Office of Attorney General purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard. | California Mens Colony (CMC) had a data breach in 2010, in California. An attorney mishandled the records of eight inmates who had been found guilty of murder. The names, criminal history, psychological evaluations, Social Security numbers and observations about their family relationships and behavior in prison were found in a public dumpster. (8 records involved) [source]. | |
Office of Attorney General, ME purchases statewide personal hospital discharge data from at least ME [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard. | Maryland Federal Court had a data breach in 2009, in Maryland. A filing error in Marylands federal court resulted in health insurance information for 226 people - including 42 Social Security numbers - being made available to the public for more than two weeks. The private information of Washington area residents was included in requests for warrants to search the doctors offices in Suitland, La Plata, Oxon Hill and Falls Church as part of a health care fraud investigation. The warrants were marked as being sealed and, therefore, were not supposed to be made public. (226 records involved) [source]. | |
Connecticut Airport Authority had a data breach in 2017, in Connecticut. Connecticut Airport Authority suffered a data breach of 144 records which included Driver's Licenses. [source] | Mule Creek State Prison had a data breach in 2015, in California. [source] | |