This does not speak well of the legal profession:
Attorneys nationwide reportedly plan to deploy decoy patients at health care organizations to see if doctors, dentists, hospitals and insurance companies have the policies, procedures and protections that ensure patients' privacy, as required by the federal Health Insurance Portability and Accountability Act (HIPAA). Those that don't comply risk hefty fines, possible criminal prosecution and costly civil lawsuits. Companies have had two years to educate staff, designate a privacy officer and adopt basic security measures. But there's a good chance some providers will miss the deadline.