It sounds like a John Grisham plot with an unethical attorney and a turncoat hospital employee.
Actually, the story involves a medical records spy at Beaumont Health network who was undetected for two years and eight months. It's a developing law enforcement case, not a fictional page-turner.
Jay Greene of Crain's tells what emerges so far:
Beaumont Health has fired an employee suspected of disclosing confidential information of more than 1,000 patients to a person believed to have been working on behalf of a personal injury attorney, the Southfield-based hospital system said Saturday morning. ... It has notified 1,182 individuals who may have had their data compromised.
The eight-hospital health system said it is working with law enforcement on the investigation and has notified the Michigan Health & Hospital Association to alert other hospitals about the incident and guard against similar intrusions.
Tighter controls and threat assessments are under way "to minimize the risk of a similar incident in the future," Beaumont says.
Administrators uncovered the data leak Dec. 10. An internal investigation shows that from February 2017 until last Oct. 22, "the former employee accessed and disclosed protected health information without authorization," Beaumont said.
"The information accessed included names, addresses, dates of birth, phone number, email addresses, reason for treatment, insurance information and Social Security numbers."
Notified individuals . . . were asked to closely review health insurance claim information.
The law office isn't named and the dismissed leaker's gender also is unknown.