Pakistan may be cooperating with the U.S. in the war on terrorism, but apparently there is no secure undisclosed location in that country for American medical records.
A low-paid transcriber in Pakistan, working as a sub-sub-subcontractor to the University of California, San Francisco, Medical Center, recently threatened to post confidential patient information on the Internet unless the school coaxed her boss into coughing up some cash, according to the San Francisco Chronicle.
"Your patient records are out in the open to be exposed, so you better track that person and make him pay my dues or otherwise I will expose all the voice files and patient records of UCSF Parnassus and Mt. Zion campuses on the Internet," Lubna Baloch wrote in an e-mail to the medical center, the Chronicle reported. The e-mail reportedly came with several physicians' dictated notes as attached files.
Baloch withdrew the threat after an intermediary paid her "several hundred dollars," the story says.
A UCSF spokesperson confirms all the details in the Chronicle story, including the contention that UCSF was unaware that a Florida subcontractor to its local transcription vendor farmed off some of its work to a Texas man who maintains a network of offshore subcontractors.
A state lawmaker already is talking of legislation to block California hospitals from sending health information overseas. Meanwhile, we anxiously await CMS guidance on HIPAA provisions for international blackmail.