A woman in Attleboro takes an at-home test and finds out she’s pregnant. She looks up nearby reproductive health clinics and finds one: Four Women Health Services, which has also been providing abortions for decades. She sends a request through an online chat on Four Women’s website to set up an ultrasound appointment.
Less than half an hour later, she receives a call to schedule an appointment and books one.
But the person who just called her doesn’t work for Four Women. They called to book her an appointment at the center across the street: Attleboro Women’s Health Center, or Abundant Hope.
That’s what allegedly happened last October. Four Women is now suing in federal court, alleging that at least four potential patients apparently had their messages intercepted by Attleboro Women’s Health Center — an entity that is not a licensed health care facility and does not provide abortions.
This is extremely troubling news. It is really important to find out exactly what the compromise was here. Was the legit clinic using an unsecure platform or do they have a bad actor among them. I did find it interesting that the third party software companies weren’t commenting on the case. It would be absolute mayhem in the healthcare industry if it turns out that the software was easily compromised by bad actors. I understand that a lot of smaller companies “get what they pay for” however HIPAA isn’t something to fuck around with. And I would definitely like to see some criminal charges for the crisis center’s theft of data and patients here. Those snake oil salesmen are a plague on real healthcare.