Sunday, May 1, 2011

Healthcare Workers Prosecuted for HIPAA (From the Archives)

MIAOULIS NOTE: Below is a list of some of the older HIPAA prosecutions and convictions.  If you know of others drop me an email.
HIPAA viewing violation leads to jail time

June 7, 2010

The case, involving a former UCLA employee, is the first to result in incarceration for unauthorized access of patient medical records.

Huping Zhou, a licensed cardiothoracic surgeon in China who was working at the UCLA School of Medicine as a researcher in 2003, was sentenced in late April to four months in jail after pleading guilty to charges related to looking at patient medical records he was not authorized to view.

According to experts, Zhou's incarceration, the first in the nation for looking at patient files without a valid reason, should serve as a warning sign to all medical practices that times have changed when it comes to patient privacy
First Ever HIPAA Privacy Criminal Conviction

A former employee of a Seattle cancer center has pled guilty to criminal violation of the privacy-related provisions of the Health Insurance Portability and Accountability Act, P.L. 104-191 (“HIPAA”). The guilty plea represents the first ever criminal conviction under HIPAA’s privacy protections. Interestingly, the defendant was apparently not, himself, a “covered entity” under HIPAA. Thus, the case sends a signal that the federal government may seek to pursue even non-covered entities – including employees of covered entities and possibly “business associates” – for criminal prosecution even though HIPAA arguably does not apply directly to them. In addition, the data that was misappropriated was apparently financial and personal information from a health file, but not itself health-related information.

The facts of the case, as set forth in the plea agreement, can be summarized as follows. In October 2003, defendant Richard Gibson obtained the demographic information of a cancer patient from his employer, Seattle Cancer Care Alliance. Gibson then used this data to obtain credit cards in the patient’s name, eventually incurring over $9,000 in debt for items such as video games, apparel, and jewelry. According to news reports, the theft was uncovered in February 2004, at which point Gibson was fired from his job as a phlebotomist/lab technician at the cancer center.

Nurse Prosecuted for HIPAA

May 15, 2008 10:09 am

An Arkansas woman who pled guilty to disclosing a patient’s health information was the first in her state to be convicted under the Health Insurance Portability and Accountability Act (HIPAA).

Andrea Smith, a 25-year-old woman from Trumann, AR, admitted to wrongfully disclosing individually identifiable health information for personal gain, according to a statement from Jane W. Duke, United States Attorney for the Eastern District of Arkansas.

Smith, a licensed practical nurse, accessed an unidentified patient’s medical record on November 28, 2006, while working at Northeast Arkansas Clinic (NEAC) in Jonesboro, AR. Andrea Smith then gave the private medical information to her husband, Justin Smith, who called the patient and said he intended to use the information against the patient in “an upcoming legal proceeding,” according to the statement. Upon discovery of the HIPAA breach, NEAC fired Andrea Smith.


Sam said...

The activity is really great. Health workers are very important of our society.

hospice care

nursing home said...

It needs to be seen if the investigation goes well. Health care has to be provided appropriately.

car accident attorney los angeles said...

This is the problem with the regulation. There needs to be proper review of its by-laws.