HIPPA Violation?

[mickeyd]

This looks to me like a huge HIPPA violation. What are the thoughts of medical and legal folks on this forum? Also, how often does this happen for any famous person?

I'll bet that it happens more often than we can imagine.

UCLA Medical Center is taking steps to fire at least 13 employees and has suspended at least six others for snooping in the confidential medical records of pop star Britney Spears during her recent hospitalization in its psychiatric unit, a person familiar with the matter said Friday.

In addition, six physicians face discipline for peeking at her computerized records, the person said.

UCLA workers snooped in Spears' medical records - Los Angeles Times

 

[Rich_by_the_Bay]

It's wrong both ethically and HIPPA-wise.

It's generally agreed that physicians and certain other providers do require total access to all records so that they can render proper care, including emergencies. Given that, the only barrier to snooping is professionalism and ethics.

I have had high profile patients over the years, as have my colleagues. If you ever wanted to snoop, you'd be well advised to stay away from those charts without a very good reason - the security watchdogs are all over that account 24/7.

 

[dumpster56]

Rich is 100% correct..

everyone involved should be fired.

 

[oma]

Its a huge violation. Every health care provider knows not to look into records - easy to trace nowadays with electronic medical records. As I recall, over 20 staff members from Baylor Med Center Dallas area were fired for looking into Terrell Owen's records. George Clooney also had a hospitalization where staff looked.

My institution has mandatory training on the HIPAA. No reason for anyone to plead ignorance.

Trouble is, firing a bunch of doctors, nurses, and technicians is hard on hospitals nowadays since there is already a shortage of staff in most hospitals.

 

[Notmuchlonger]

People make mistakes. Sure penalize them with suspensions but firing is a bit extreme.

 

[dumpster56]

People make mistakes. Sure penalize them with suspensions but firing is a bit extreme.

Mistake, ? From what I have read they went and looked at a private report and records . Uh they knew it was against all ethics and Hippa rules. sorry who needs to read anything about her anyway, she is efed up we all can see.

 

[Meadbh]

People make mistakes. Sure penalize them with suspensions but firing is a bit extreme.

All healthcare organizations have expectations that staff will maintain patients' privacy. Actively snooping in people's records without a need to know is a disciplinary offence, period. If it was a first offence, some hospitals might issue a warning or suspension. However I do think that the high profile of this patient probably had something to do with the decision to fire the errant staff.

 

[mn54]

Have there been any lawsuits from these "high profile" patients against the hospitals and physicians? If there have been that would send a quick message to all concerned.

 

[DblDoc]

This is a "crash and burn" offence where I work. We can't even look at our own records using the computerized system.

DD

 

[Bram]

Even aside from the snooping, a HIPPA violation likely occurred with the mere mention of the fact of Britney's "recent hospitalization in its psychiatric unit".

Given our society's thirst for gossip, I can imagine a greedy someone even selling to the tabloids the details of Britney's medical record. Aside from being fired, I wonder if there are any legal ramifications of such a HIPPA violation? Anyone know?

 

[oma]

The Penalties for Violating HIPAA Privacy Standards​

42 USC 1320d-6 (HIPAA Sec. 1177) contains the criminal penalties for violating the HIPAA privacy standards. It states:
"a. Offense.—

A person who knowingly and in violation of this part—

1. uses or causes to be used a unique health identifier;
2. obtains individually identifiable health information relating to an individual; or
3. discloses individually identifiable health information to another person,

shall be punished as provided in subsection (b).
​

b. Penalties.—

A person described in subsection (a) shall—
​

1. 1. be fined not more than $50,000, imprisoned not more than 1 year, or both;
   2. if the offense is committed under false pretenses, be fined not more than $100,000, imprisoned not more than 5 years, or both; and
   3. if the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, be fined not more than $250,000, imprisoned not more than 10 years, or both."

http://www.hipaaprivacyworkgroups.com/HIPAA%20Penalties.htm