Today, Epic and a group of healthcare providers are taking legal action to defend patient privacy and protect sensitive medical information.<\/p>\n
The lawsuit states that Health Gorilla, a health information network, enabled Mammoth, RavillaMed, and other companies to improperly access and monetize nearly 300,000 patient medical records from members of the Epic community. This is in addition to an unknown number of records taken from organizations nationwide, including from the VA and providers using other EHRs.<\/p>\n
OCHIN, Reid Health, Trinity Health, UMass Memorial Health, and Epic have filed suit to stop conduct that threatens patient privacy and the integrity of care. The filing cites misconduct including that the defendants:<\/p>\n
\u201cOperate as organized syndicates to monetize patient records without patients\u2019 knowledge or consent.\u201d<\/p>\n
\u201cRequest patient records for the purpose of treating patients but take patient records for other purposes including to market them to lawyers looking for potential claimants \u2026 to join mass tort or class action lawsuits.\u201d<\/p>\n
\u201cObscure their true purpose through fictitious websites, shell entities, and sham National Provider Identification (NPI) numbers \u2026 to create an illusion of legitimate patient treatment activity.\u201d<\/p>\n
Cover their tracks by inserting junk data into patient medical records \u201cto give the false impression that they are treating patients, which risks patient safety and wastes valuable clinician time.\u201d<\/p>\n
The lawsuit continues, \u201cwhen caught, rather than stopping their activity, the bad entity owners, operators and those in their inner circles simply create new companies. The scheme thus operates like a Hydra: when one fraudulent entity is exposed, the bad actors birth a new one\u201d and \u201cif not stopped, they will continue to inappropriately market the patient data they have already taken and will take more.\u201d<\/p>\n
\u201cAt stake are both the protection of medical records that contain some of a person\u2019s most sensitive data, such as genetic, mental wellbeing, and reproductive information, and the ability of physicians to keep their promises to patients that their information will be kept private.\u201d<\/p>\n
\u201cThese actors are putting the enormous positive patient outcomes achieved through interoperability at imminent risk,\u201d the legal filing explains. \u201cWhen used appropriately, interoperability ensures that medical care is informed by a patient\u2019s medical history, allowing healthcare providers to improve patient outcomes.\u201d<\/p>\n