Wes Bucey
Prophet of Profit
Among things I contemplate as sit with a consulting client in working out the scope of an assignment is how much to tell him [them] about the scary things which may arise in Risk Assessment which they had NEVER even considered previously without:
From my interested, but uninvolved viewpoint, the situation seems to have been avoidable if the organization in question had done a better job of segregating types of records and maintaining clear and obvious "Chinese Walls" between them.
If the personnel on site when the IRS agents executed their raid (ironically - they were only looking for records of ONE INDIVIDUAL) had been able to clearly and obviously demonstrate to the IRS that their method of retrieval of the electronic records of ANY or ALL records of a single individual were competent and essentially "mistake proof," then the IRS agents would not have been able to make much argument.
The entire lawsuit is available to read as a public record in the San Diego Superior Court as Case #37-2013-00038750-CU-CR-CTL
(It's a bit of a chore to get to, no direct url seems available to post)
In this case, the IRS agents are accused of willfully ignoring ANY such offers of help from IT or other personnel and making a direct threat to "rip the servers out of the building" and "making no effort to segregate [the wanted from the unwanted records]"
I LOVE this one description of one of the IRS agents involved
It is a case that may take YEARS to unfold, but fascinating. However, I STILL face the worry of TMI (too much information) while negotiating an assignment versus too little information only to have the client scream when the ghosts start moaning and rattling chains.
- embarrassing him/them for their omission
- scaring him/them and simultaneously making myself a horrible version of Doomsayer
- leaving myself open to complaint of "Why didn't you tell us this at the beginning?"
I came across this as I was researching for helping a client perform a Gap Analysis of its record keeping and overall Document Management."This is an action involving the corruption and abuse of power by several Internal Revenue Service ('IRS') agents (collectively referred to as 'defendants' herein) during a raid of John Doe Company, in the Southern District of California, on March 11, 2011," the complaint states. "In a case involving solely a tax matter involving a former employee of the company, these agents stole more than 60,000,000 medical records of more than 10,000,000 Americans, including at least 1,000,000 Californians.
"No search warrant authorized the seizure of these records; no subpoena authorized the seizure of these records; none of the 10,000,000 Americans were under any kind of known criminal or civil investigation and their medical records had no relevance whatsoever to the IRS search. IT personnel at the scene, a HIPPA [sic: recte HIPAA] facility warning on the building and the IT portion of the searched premises, and the company executives each warned the IRS agents of these privileged records. The IRS agents ignored and discarded each of these warnings, ignored their own published and public-reliant rules and governing ethical requirements, and ignored the limitations of the court's search warrant authorization, seizing the records under threat of destroying company property."
Plaintiff's attorney Robert E. Barnes declined to elaborate on the complaint's allegations, saying he will have more information "in a few months."
"I had to file to protect against the statute of limitations being an issue, but am still investigating all facts," Barnes told Courthouse News in an email.
The putative class claims the IRS agents' seizure of medical records violated the 4th Amendment.
From my interested, but uninvolved viewpoint, the situation seems to have been avoidable if the organization in question had done a better job of segregating types of records and maintaining clear and obvious "Chinese Walls" between them.
If the personnel on site when the IRS agents executed their raid (ironically - they were only looking for records of ONE INDIVIDUAL) had been able to clearly and obviously demonstrate to the IRS that their method of retrieval of the electronic records of ANY or ALL records of a single individual were competent and essentially "mistake proof," then the IRS agents would not have been able to make much argument.
The entire lawsuit is available to read as a public record in the San Diego Superior Court as Case #37-2013-00038750-CU-CR-CTL
(It's a bit of a chore to get to, no direct url seems available to post)
In this case, the IRS agents are accused of willfully ignoring ANY such offers of help from IT or other personnel and making a direct threat to "rip the servers out of the building" and "making no effort to segregate [the wanted from the unwanted records]"
I LOVE this one description of one of the IRS agents involved
(sounds like a description for bad guy federal agent in a movie, doesn't it?)A special agent involved in the matter has a known and legally documented history of misconduct, ethical breaches, and criminal activity, including, but not limited to, making false statements to a grand jury, making false statements to prospective witnesses in his investigations, misleading prospective witnesses about their rights in his investigations, obstructing independent investigations into his conduct or the matter at hand, disclosing without authorization grand jury secret material in violation and contempt of federal court orders, invading and abusing search warrants and subpoenas for privileged information, including patient privileged information, attorney-client privileged records, and marital privileged information.
It is a case that may take YEARS to unfold, but fascinating. However, I STILL face the worry of TMI (too much information) while negotiating an assignment versus too little information only to have the client scream when the ghosts start moaning and rattling chains.