Illustration by Max Fleishman

Orlando hospitals foot the bill for Pulse victims after data breach

Data compromised? It's our treat!


Mary Emily O'Hara


Published Aug 25, 2016   Updated May 26, 2021, 4:29 am CDT

Survivors of the Orlando shooting at the Pulse LGBT club will not be billed for their hospital stays.

Featured Video Hide

Orlando Regional Hospital and Florida Hospital, which treated a combined 56 survivors of the incident, issued a joint statement on Wednesday announcing that Pulse shooting victims would not be billed for care.

Advertisement Hide

“It was incredible to see how our community came together in the wake of the senseless Pulse shooting,” said Florida Hospital CEO Daryl Tol in a statement quoted by Yahoo News. “We hope this gesture can add to the heart and goodwill that defines Orlando.”

Orlando Health, the network that oversees the Orlando Regional Hospital, treated the bulk of the victims—44 patients in total. The announcement that patients would be treated free-of-charge came just two days after the Daily Dot reported that the Pulse victims’ private health data had been compromised by “curious” hospital employees.

“Numerous team members across our system require access to vital records and information in order to provide our patients with the highest levels of care,” an Orlando Health spokesperson told the Daily Dot on Tuesday. “As a result of this incident, we are re-educating our workforce members and increasing our already vigilant program of auditing and monitoring of patient record access.”

According to local Orlando news station WESH, the employees in question were being disciplined after breaking into the system to illegally access “names, birth dates, and records showing the extent of injuries.” The breach occurred on June 15, and patients were notified in a hospital letter two months later.

WESH quoted LGBT Center of Central Florida director Terry DeCarlo describing the hospital administration’s letter, which he said he had seen even though it was not released to the media.

Advertisement Hide

“The first thing that hit me is, who are they selling this information to?” DeCarlo said.

It was not made clear whether hospital employees “sold” the patient’s data, but the breach violated federal patient privacy laws. The hospital could face lawsuits if patients can prove they suffered damages as a result.

“That does make me angry that something like this would happen,” DeCarlo told WESH. “They put more on these poor people that are already going through hell.”

Share this article
*First Published: Aug 25, 2016, 1:51 pm CDT