This story enrages. An innocent, productive individual with a profitable business had that business destroyed by a government agency aligned with a corrupt business. This is a human face of regulatory criminality, and though the victim continues his lonely fight, all of the guilty parties will probably walk. From Dune Lawrence at bloomberg.com:
The first phone call that changed Michael Daugherty’s life came in May 2008. Daugherty was a happy man, running a good business in a nice place. That’s how he talks about it, like the opening five minutes of a movie, setting up how great everything is before disaster strikes. His Atlanta-based company, LabMD, tested blood, urine, and tissue samples for urologists, and had about 30 employees and $4 million in annual sales.
Daugherty is a middle-aged guy distinguished by small, kind brown eyes and a big, meaty laugh—a business everyman of a certain vintage, with a salesman’s mix of friendly and aggressive. He’s from Detroit, and you can occasionally hear it in his vowels. Kevin Spacey could play him in the movie.
Here’s where the story turns dark. That Tuesday, LabMD’s general manager came in to tell Daugherty about a call he’d just fielded from a man named Robert Boback. Boback claimed to have gotten hold of a file full of LabMD patient information. This was scary for a medical business that had to comply with federal rules on privacy, enshrined in the Health Insurance Portability and Accountability Act. I need proof, Daugherty told his deputy. Get it in writing.
Boback e-mailed the document. It was a LabMD billing report containing data, including Social Security numbers, on more than 9,000 patients. Boback quickly got to the sales pitch: His company, Tiversa, offered an investigative service that could identify the source and severity of the breach that had exposed this data and stop any further spread of sensitive information.
LabMD’s four-person IT team found the problem almost immediately: The manager of the billing department had been using LimeWire file-sharing software to download music. Without knowing it, she’d left her documents folder, which contained the insurance report now in Tiversa’s possession, open for sharing with other users of the peer-to-peer network. The billing manager’s computer was the only machine at LabMD with LimeWire—having it was a violation of company policy—and the tech staff removed it.
They also began scouring peer-to-peer networks and the Internet for signs of the file on the loose, in case someone outside Tiversa had downloaded it and shared it with others. They looked for months and never found it.
Boback kept e-mailing during this period, urging swift action and claiming that Tiversa was seeing searches and downloads of the file. When LabMD asked for specifics, Boback said he could provide those only after LabMD signed a service agreement. The sample agreement he sent listed a rate of $475 an hour, and Boback said the fix for a problem of this nature typically took two weeks. (Two 40-hour weeks at that rate would total $38,000.) His e-mails mentioned negative press related to the leak of 1,000 Social Security numbers by Walter Reed Army Medical Center, and he offered to send over a breakdown of data breach notification laws in 43 states.
Boback had an unusual background for a cyber entrepreneur. Before starting Tiversa, he’d been a chiropractor and dabbled in real estate around Pittsburgh, where he’d grown up. He founded the company in his hometown in early 2004 with Sam Hopkins, one of his chiropractic clients, who became the chief technology officer.
Boback proved an adept salesman. By 2007, Tiversa had collected a group of high-powered advisers, most notably Wesley Clark, the retired four-star general. Boback testified that July before the House Committee on Oversight and Government Reform, introduced by the chairman as “a leading authority in the consequences of inadvertent information sharing.” (Clark said through a spokesperson that he hasn’t been involved with Tiversa for several years.)
To continue reading: A Leak Wounded This Company. Fighting the Feds Finished It Off
STRAIGHT LINE LOGIC 