Walgreens to Pay $1.4M for Sharing a Patient’s Medical Info With Her Ex

Walgreens has been ordered to pay an Indiana woman $1.4 million in damages, all because one of its pharmacists made some poor decisions while caught up in a love triangle. Walgreens appealed the judgment, which an Indiana judge denied Nov. 14, confirming Walgreens’ negligence in the case.

The summary of events in Judge John Baker’s opinion reads like the plot of a bad soap opera. It starts with Abigail Hinchy (the plaintiff) and her on-again off-again boyfriend Davion Peterson: Hinchy gave birth to Peterson’s son in 2010, but at some point in 2009, Peterson started dating Audra Withers, a Walgreens pharmacist. Throughout her relationship with Peterson, Hinchy filled all her prescriptions at a Walgreens pharmacy, meaning Withers had access to her information.

When the case was tried in front of a jury, evidence showed Withers obtained Hinchy’s private health information and Social Security number, which she shared with Peterson. Peterson then shared the info with at least three other people. The jury found Walgreens vicariously liable for the breach, because it was negligent in training Withers to understand her role in keeping health records confidential, and Withers was “acting in the course of her employment” when she took Hinchy’s data.

“When you’re talking about protected medical history, we’re not talking about a selfie, we’re really talking about something very serious,” said Adam Levin, identity theft expert and chairman and co-founder of Credit.com. “There’s an enormous amount of information there that can be used to commit financial crimes.”

In this case, a Social Security number was compromised in addition to sensitive medical information. That’s a scary thought considering a Social Security number can be used to apply for credit in your name, access other medical records, file for a tax refund, and steal a person’s identity. If you’re worried your Social Security number has been compromised, you should monitor your credit regularly for signs of fraud. You can get copies of your credit reports for free once a year, and you can check your credit scores for free every month on Credit.com.

Employees like Withers are often the weak link in company data breaches.

“You can’t stop someone from doing something stupid, but unfortunately, doing something stupid can impact an entire organization,” Levin said.

Walgreens spokesman Phil Caruso told Credit.com that the company plans to appeal the decision.

“We take seriously our responsibility to safeguard the privacy of medical records in our possession,” he said. “The pharmacist in this case admitted she was aware of our strict privacy policy and knew she was violating it. She was appropriately disciplined for her action. We believe it is a misapplication of the law to hold an employer liable for the actions of one employee who knowingly violates company policy.”

More on Data Privacy:

Image: iStock

You Might Also Like

A father and son smile at each other
Becoming an authorized user is a common tip for individuals tryin... Read More

September 13, 2021

Uncategorized

A woman shakes the hand of the man who interviewed her.
Long-term unemployment can really hurt—and not just financially... Read More

August 4, 2021

Uncategorized

A stock market graph, similar to the trajectory of GameStop stock, is displayed on a tablet. A blank piece of paper and a pen are next to the tablet, and all sit on a wooden tabletop.
GameStop, a dying video game retailer, has blown past epic propor... Read More

January 28, 2021

Uncategorized