The Internal Revenue Service is now facing a class action lawsuit over allegations that it improperly accessed and stole the health records of some 10 million Americans, including medical records of all California state judges.
According to court documents, an unnamed HIPAA-covered entity in California has filed a complaint against the IRS, alleging that 15 IRS agents stole 60 million medical records from 10 million patients. The personal health information seized on March 11, 2011, included psychological counseling, gynecological counseling, sexual/drug treatment and other medical treatment data.
"This is an action involving the corruption and abuse of power by several Internal Revenue Service agents," wrote Robert E. Barnes, attorney representing the John Doe Company, in the official complaint. "No search warrant authorized the seizure of these records; no subpoena authorized the seizure of these records; none of the 10,000,000 Americans were under any kind of known criminal or civil investigation and their medical records had no relevance whatsoever to the IRS search. IT personnel at the scene, a HIPPA facility warning on the building and the IT portion of the searched premises, and the company executives each warned the IRS agents of these privileged records," the complaint continued.
According to the complaint, the IRS agents obtained a search warrant for financial data pertaining to a former employee of the John Doe Company, however, "it did not authorize any seizure of any healthcare or medical record of any persons, least of all third parties completely unrelated to the matter," the complaint read.
"If the allegations are true, the IRS is in trouble," wrote Jim Pyles, Washington-based healthcare privacy lawyer, in a statement to Healthcare IT News. "By both constitutional law and HIPAA, then I think we have a problem."
Pyles added that the Fourth Amendment was drafted in response to the General Warrants issued by the King of England under which his officers could search for any evidence of crime without showing probable cause. "The drafters expressly sought to curb that practice in the 4th Amendment which guarantees the 'right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures,'" he added. If the allegations are true, "they way overstepped the limits of the search warrant."
The IRS did not respond to inquiries regarding the case.
Just recently, IRS officials have been under fire over routinely searching through Americans' emails, an action the American Civil Liberties Union bills as a violation of the Fourth Amendment. The agency's justification of this process may foreshadow the fate of the California lawsuit. According to New York Daily News, back in 2009 the IRS wrote, "The Fourth Amendment does not protect communications held in electronic storage, such as email messages stored on a server, because Internet users do not have a reasonable expectation of privacy in such communication."
The class action lawsuit against the IRS seeks $25,000 in compensatory damages "per violation per individual" in addition to punitive damages for constitutional violations. Thus, compensatory damages could start at a minimum of $250 billion.