Jun 292018
 
 June 29, 2018  Posted by  Breaches, Court, Healthcare

by Charles Ornstein

A prominent New Jersey psychologist is facing the suspension of his license after state officials concluded that he failed to keep details of mental health diagnoses and treatments confidential when he sued his patients over unpaid bills.

The state Board of Psychological Examiners this week upheld a decision by an administrative law judge that the psychologist, Barry Helfmann, “did not take reasonable measures to protect the confidentiality of his patients’ protected health information,” Lisa Coryell, a spokeswoman for the state attorney general’s office, said in an email.

The administrative law judge recommended that Helfmann pay a fine and a share of the investigative costs. The board went further, ordering that Helfmann’s license be suspended for two years, Coryell wrote. During the first year, he will not be able to practice; during the second, he can practice, but only under supervision. Helfmann also will have to pay a $10,000 civil penalty, take an ethics course and reimburse the state for some of its investigative costs. The suspension is scheduled to begin in September.

New Jersey began to investigate Helfmann after a ProPublica article published in The New York Times in December 2015 that described the lawsuits and the information they contained. The allegations involved Helfmann’s patients as well as those of his colleagues at Short Hills Associates in Clinical Psychology, a New Jersey practice where he has been the managing partner.

Helfmann is a leader in his field, serving as president of the American Group Psychotherapy Association, and as a past president of the New Jersey Psychological Association.

ProPublica identified 24 court cases filed by Short Hills Associates from 2010 to 2014 over unpaid bills in which patients’ names, diagnoses and treatments were listed in documents. The defendants included lawyers, businesspeople and a manager at a nonprofit. In cases involving patients who were minors, the lawsuits included children’s names and diagnoses.

The information was subsequently redacted from court records after a patient countersued Helfmann and his partners, the psychology group and the practice’s debt collection lawyers. The patient’s lawsuit was settled.

Helfmann has denied wrongdoing, saying his former debt collection lawyers were responsible for attaching patients’ information to the lawsuits. His current lawyer, Scott Piekarsky, said he intends to file an immediate appeal before the discipline takes effect.

“The discipline imposed is ‘so disproportionate as to be shocking to one’s sense of fairness’ under New Jersey case law,” Piekarsky said in a statement.

Piekarsky also noted that the administrative law judge who heard the case found no need for any license suspension and raised questions about the credibility of the patient who sued Helfmann. “We feel this is a political decision due to Dr. Helfmann’s aggressive stance” in litigation, he said.

Helfmann sued the state of New Jersey and Joan Gelber, a senior deputy attorney general, claiming that he was not provided due process and equal protection under the law. He and Short Hills Associates sued his prior debt collection firm for legal malpractice. Those cases have been dismissed, though Helfmann has appealed.

Helfmann and Short Hills Associates also are suing the patient who sued him, as well as the man’s lawyer, claiming the patient and lawyer violated a confidential settlement agreement by talking to a ProPublica reporter and sharing information with a lawyer for the New Jersey attorney general’s office without providing advance notice. In court pleadings, the patient and his lawyer maintain that they did not breach the agreement. Helfmann brought all three of these lawsuits in state court in Union County.

Throughout his career, Helfmann has been an advocate for patient privacy, helping to push a state law limiting the information an insurance company can seek from a psychologist to determine the medical necessity of treatment. He also was a plaintiff in a lawsuit against two insurance companies and a New Jersey state commission, accusing them of requiring psychologists to turn over their treatment notes in order to get paid.

“It is apparent that upholding the ethical standards of his profession was very important to him,” Carol Cohen, the administrative law judge, wrote. “Having said that, it appears that in the case of the information released to his attorney and eventually put into court papers, the respondent did not use due diligence in being sure that confidential information was not released and his patients were protected.”

Filed under:

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.

 

Jun 292018
 
 June 29, 2018  Posted by  Court, Surveillance, U.S.

Orin Kerr writes:

As regular readers know, I have argued in my academic writing that the Fourth Amendment should be interpreted to impose use restrictions on nonresponsive data seized pursuant to a computer search warrant. In a new decision, State v. Mansor, the Oregon Supreme Court appears to have adopted my approach under Oregon’s state equivalent of the Fourth Amendment.

Read more on The Volokh Conspiracy.

h/t, Joe Cadillic

Jun 292018
 
 June 29, 2018  Posted by  Surveillance, U.S.

Susannah George reports:

The National Security Agency said Thursday it is deleting call records after “irregularities” caused it to collect records it was not authorized to receive.

The agency released a statement saying it began deleting records in May after “analysts noted technical irregularities in some data received from telecommunications service providers.”

The records date back to 2015 and were obtained under the Foreign Intelligence Surveillance Act.

Read more on Courthouse News.

So where is the audit showing whether these unauthorized collected records were actually used in any cases? Do they just delete them with no proper investigation as to whether the records had any role in any investigation or cases?

And why did it take from 2015 until now/recently to detect that there was something irregular going on?

Don’t get me wrong – I’m glad they caught errors, if there were innocent errors. But where’s the demonstration that there was no harm attributable to these errors?

h/t, Joe Cadillic

Update:  Okay, I found the relevant statment from NSA, which I am reproducing in full, below. Note it appears that the records were not used at all, which is good news.

NSA Reports Data Deletion

Consistent with NSA’s core values of respect for the law, accountability, integrity, and transparency we are making public notice that on May 23, 2018, NSA began deleting all call detail records (CDRs) acquired since 2015 under Title V of the Foreign Intelligence Surveillance Act (FISA)

The Government relies on Title V of FISA to obtain CDRs, which do not include the content of any calls. In accordance with this law, the Government obtains these CDRs, following a specific court-authorized process.

NSA is deleting the CDRs because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers. These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive. Because it was infeasible to identify and isolate properly produced data, NSA concluded that it should not use any of the CDRs. Consequently, NSA, in consultation with the Department of Justice and the Office of the Director of National Intelligence, decided that the appropriate course of action was to delete all CDRs. NSA notified the Congressional Oversight Committees, the Privacy and Civil Liberties Oversight Board, and the Department of Justice of this decision. The Department of Justice, in turn, notified the Foreign Intelligence Surveillance Court. The root cause of the problem has since been addressed for future CDR acquisitions, and NSA has reviewed and revalidated its intelligence reporting to ensure that the reports were based on properly received CDRs.

 

Jun 292018
 
 June 29, 2018  Posted by  Breaches, Business, Non-U.S.

Jay Jay writes:

A critical key management error on part of Swann Commumications during the manufacturing stage of two home security cameras caused a major privacy concern after video footage of a family’s home was delivered to a third person’s app.

The privacy breach came to light when Ms. Louisa Lewis, who is a member of the BBC’s staff, received footage of an unknown family’s kitchen on her smartphone app. This was the first time since she started using a Swann security camera that she received footage of someone else’s home on her app.

Read more on Teiss.