The complaint, which has not been answered or acknowledged by the IRS according to the court filings, accused as many as 15 IRS agents of using strong-arm tactics and threatening to “rip” computer servers with protected health information out of the unnamed healthcare company's building on March 11, 2011.
The suit claims the agents “stole” as many 60 million total records on the server, even though they were empowered with a search warrant involving a single employee of the company who had an undisclosed tax problem.
“Even though defendants knew that the records they were seizing were not included within the scope of the search warrant, the defendants nonetheless searched and seized the records without making any attempt to segregate the files from those that could possibly be related to the search warrant,” according to the lawsuit. “In fact, no effort was made at all to even try maintaining the illusion of legitimacy and legality.”
The IRS agents then set up shop in the company's headquarters and used its media system to watch NCAA tournament basketball games, also ordering pizza and soda, the suit says.
The lawsuit seeks class-action status.
On Tuesday, Reps. Tim Murphy (R-Pa.), Dr. Michael Burgess (R-Texas), Joe Barton (R-Texas) and Marsha Blackburn (R-Tenn.) sent a letter to acting IRS Commissioner Daniel Werfel asking how the agency handles Americans' protected health information.
The letter specifically asks whether the IRS believes that the legal prohibition on disclosing information from tax returns includes electronic health records that are seized with a warrant, either legally or improperly.
A news release from the committee members advertising the letter to the IRS acting commissioner said the lawmakers were concerned about the adequacy of restrictions on how the IRS handles protected health information given the tax agency's key role in implementing the Patient Protection and Affordable Care Act.
If the data seizure did take place as alleged, it could be the largest data breach on record. According to HHS' Office of Civil Rights, the current largest breach took place in September 2011, when Tricare lost backup tapes containing health information on 4.9 million people.
The House members' action on the three-month-old lawsuit follows a controversy that unfolded last month when it was revealed that IRS employees in Cincinnati had inappropriately targeted not-for-profits affiliated with the Tea Party political movement for increased scrutiny.
Follow Joe Carlson on Twitter: @MHJCarlson
