IOWA CITY, Iowa (AP) - A medical assistant at University of Iowa Hospitals and Clinics was fired over an alleged privacy violation after she told superiors that a colleague inappropriately viewed a female patient's medical record.
The Des Moines Register reports that Shawn Sterner of North Liberty in March claimed she looked over the shoulder of a co-worker who was examining a female patient's file. She claimed the co-worker later told her the patient was a drug-user whose children had been taken away.
http://www.kmtv.com/Global/story.asp?S=14948101
Miaoulis Note: Shoulder surfing is looking over the shoulder of someone logged in. It also appears she then further violated privacy by discussing it.
Monday, June 27, 2011
Dr. Indicted for wrongful disclosure of PHI.
http://www.justice.gov/usao/vae/news/2011/06/20110621kayenr.html
NORFOLK, Va. – Richard Alan Kaye, 62, of Suffolk, Va., was indicted by a federal grand jury today for the wrongful disclosure of individually identifiable health information under the Health Insurance Portability and Accountability Act.
Neil H. MacBride, United States Attorney for the Eastern District of Virginia, made the announcement. If convicted, Kaye faces a maximum penalty of five years imprisonment.
According to the indictment, Kaye is licensed to practice osteopathic medicine in Virginia and was the Medical Director of the Psychiatric Care Center at Sentara Obici Hospital in Suffolk, Virginia. He is alleged to have provided in-patient mental health treatment to a patient from August 20, 2007 to September 4, 2007, and in his discharge summary indicated that the patient was not considered a danger to others. On three occasions in February 2008, Kaye disclosed, without authorization, the patient’s individually identifiable health information to an agent of the patient’s employer. Kaye made the unauthorized disclosure under the false pretenses that the patient was a serious and imminent threat to the safety of the public, when in fact he knew that the patient was not such a threat.
This case was investigated by the Federal Bureau of Investigation. Assistant United States Attorney Alan M. Salsbury is prosecuting the case on behalf of the United States.
Criminal indictments are only charges and not evidence of guilt. A defendant is presumed to be innocent until and unless proven guilty.
A copy of this press release may be found on the website of the United States Attorney's Office for the Eastern District of Virginia at http://www.justice.gov/usao/vae.
Related court documents and information may be found on the website of the District Court for the Eastern District of Virginia at http://www.vaed.uscourts.gov/ or on https://pcl.uscourts.gov/.
NORFOLK, Va. – Richard Alan Kaye, 62, of Suffolk, Va., was indicted by a federal grand jury today for the wrongful disclosure of individually identifiable health information under the Health Insurance Portability and Accountability Act.
Neil H. MacBride, United States Attorney for the Eastern District of Virginia, made the announcement. If convicted, Kaye faces a maximum penalty of five years imprisonment.
According to the indictment, Kaye is licensed to practice osteopathic medicine in Virginia and was the Medical Director of the Psychiatric Care Center at Sentara Obici Hospital in Suffolk, Virginia. He is alleged to have provided in-patient mental health treatment to a patient from August 20, 2007 to September 4, 2007, and in his discharge summary indicated that the patient was not considered a danger to others. On three occasions in February 2008, Kaye disclosed, without authorization, the patient’s individually identifiable health information to an agent of the patient’s employer. Kaye made the unauthorized disclosure under the false pretenses that the patient was a serious and imminent threat to the safety of the public, when in fact he knew that the patient was not such a threat.
This case was investigated by the Federal Bureau of Investigation. Assistant United States Attorney Alan M. Salsbury is prosecuting the case on behalf of the United States.
Criminal indictments are only charges and not evidence of guilt. A defendant is presumed to be innocent until and unless proven guilty.
A copy of this press release may be found on the website of the United States Attorney's Office for the Eastern District of Virginia at http://www.justice.gov/usao/vae.
Related court documents and information may be found on the website of the District Court for the Eastern District of Virginia at http://www.vaed.uscourts.gov/ or on https://pcl.uscourts.gov/.
Tuesday, June 7, 2011
Jilted Ex-Boyfriend's Abortion Billboard Ignites Free Speech Debate
MIAOULIS NOTE: This does not appear to be a HIPAA violation as the ex-boyfriend was not a healthcare worker. But this could be an interesting story to watch since it certainly relates to privacy rights. Also a recent (See June 3) in Birmingham, Trinity Hospital a non-healthcare worker was charged with violating HIPAA.
-----------------------------------------------------------------------------
A New Mexico man's decision to lash out with a billboard ad saying his ex-girlfriend had an abortion against his wishes has touched off a legal debate over free speech and privacy rights.
The sign on Alamogordo's main thoroughfare shows 35-year-old Greg Fultz holding the outline of an infant. The text reads, "This Would Have Been A Picture Of My 2-Month Old Baby If The Mother Had Decided To Not KILL Our Child!"
Fultz's ex-girlfriend has taken him to court for harassment and violation of privacy. A domestic court official has recommended the billboard be removed.
Read more: http://www.foxnews.com/us/2011/06/07/jilted-ex-boyfriend-puts-up-abortion-billboard/#ixzz1OazJzvXz
Non-Healthcare Worker Arrested: http://blog.al.com/spotnews/2011/06/4500_patient_records_stolen_fr.html
-----------------------------------------------------------------------------
A New Mexico man's decision to lash out with a billboard ad saying his ex-girlfriend had an abortion against his wishes has touched off a legal debate over free speech and privacy rights.
The sign on Alamogordo's main thoroughfare shows 35-year-old Greg Fultz holding the outline of an infant. The text reads, "This Would Have Been A Picture Of My 2-Month Old Baby If The Mother Had Decided To Not KILL Our Child!"
Fultz's ex-girlfriend has taken him to court for harassment and violation of privacy. A domestic court official has recommended the billboard be removed.
Read more: http://www.foxnews.com/us/2011/06/07/jilted-ex-boyfriend-puts-up-abortion-billboard/#ixzz1OazJzvXz
Non-Healthcare Worker Arrested: http://blog.al.com/spotnews/2011/06/4500_patient_records_stolen_fr.html
Arrested for Stealing Hospital Records (Felony Larceny) Wake Forest Baptist
MIAOULIS NOTE: The charge is felony larceny and based on the article does not include a HIPAA Charge. This is another in a growing list of individuals arrested for Hospital Breaches. Educate your workforce that they could be prosecuted for breaching patient's confidentiality.
http://www.digtriad.com/news/local/article/177823/57/Police-Baptist-Hospital-Employee-Stole-Medical-Records
Winston-Salem, NC -- You trust hospitals to keep your personal information safe. But, police now say a Wake Forest Baptist Medical Center employee, Linda Turner, stole hundreds, possibly thousands, of people's medical records.
They say she kept the files in the basement of a home she owned and other storage units.
Prosecutors charged Turner with felony larceny and she was fired from the hospital. She'll be in court later this month. No one knows why she took home those medical files, including Nathaniel Cravanzola, the person who discovered them in the basement of his home.
When Cravanzola moved into the house, he never expected to find boxes of stolen medical records in the basement. They are dated from 1995 to 2006.
http://www.digtriad.com/news/local/article/177823/57/Police-Baptist-Hospital-Employee-Stole-Medical-Records
Winston-Salem, NC -- You trust hospitals to keep your personal information safe. But, police now say a Wake Forest Baptist Medical Center employee, Linda Turner, stole hundreds, possibly thousands, of people's medical records.
They say she kept the files in the basement of a home she owned and other storage units.
Prosecutors charged Turner with felony larceny and she was fired from the hospital. She'll be in court later this month. No one knows why she took home those medical files, including Nathaniel Cravanzola, the person who discovered them in the basement of his home.
When Cravanzola moved into the house, he never expected to find boxes of stolen medical records in the basement. They are dated from 1995 to 2006.
Encrypt your laptop.. NOW
Miaoulis Note: If you have not started to encrypt your laptops you should... The cost is relatively inexpensive and the potential impact is just too big. When conducting your risk analysis, the probability of losing a laptop is high and if it contains non-encrypted Protected Health Information, the impact is Serious. Based on the data, etc. you have a high risk and high risks should be addressed ASAP. Here is just another in a long line of Hospital Breaches involving Laptops. (Also would apply to flash drives, backup tapes, and other mobile media.
http://www.beckershospitalreview.com/healthcare-information-technology/south-carolinas-spartanburg-regional-notifies-patients-of-possible-data-breach.htmlSpartanburg (S.C.) Regional Hospital has notified thousands of patients of a possible data breach of their personal and medical information after a hospital laptop was stolen from a hospital employee's car in March, according to a WSPA news report.
http://www.beckershospitalreview.com/healthcare-information-technology/south-carolinas-spartanburg-regional-notifies-patients-of-possible-data-breach.htmlSpartanburg (S.C.) Regional Hospital has notified thousands of patients of a possible data breach of their personal and medical information after a hospital laptop was stolen from a hospital employee's car in March, according to a WSPA news report.
Friday, June 3, 2011
4,500 Patient Records Stolen (Trinity Birmingham, Al) HIPAA ARREST
BIRMINGHAM, Alabama -- A woman was charged Thursday with stealing 4,500 patients' medical records from Trinity Medical Center, possibly with the intent of using them for identity theft.
Chelsea Catherine Stewart, 26, was arrested Thursday morning by U.S. Postal inspectors, who said they found hundreds of pages with names, birth dates and Social Security numbers at a house in Alabaster where Stewart was staying. The files spanned several years, including before 2006, when Trinity was still Montclair Baptist
Stewart was charged Thursday with violating the federal Health Insurance Portability and Accountability Act, which protects the privacy of medical records, and released on an unsecured bond of $5,000. She has not been indicted and did not have to enter a plea. She may face additional charges, said her court-appointed attorney, Scott Brower.
According to the charging document, Stewart said she had taken the records from the hospital when visiting a patient there between March 22 and April 1. Albaster police found the paperwork April 8 at a house where Stewart was staying, postal inspector John Bailey said in an affidavit.
http://blog.al.com/spotnews/2011/06/4500_patient_records_stolen_fr.html
MIAOULIS NOTE: This will be interesting to watch, if the indictment moves forward this appears to expand HIPAA beyond healthcare workers to the general populations. This may be the first time a non-healthcare worker was arrested for HIPAA. I am not an Attorney or prosecutor, so I will be watching.
Chelsea Catherine Stewart, 26, was arrested Thursday morning by U.S. Postal inspectors, who said they found hundreds of pages with names, birth dates and Social Security numbers at a house in Alabaster where Stewart was staying. The files spanned several years, including before 2006, when Trinity was still Montclair Baptist
Stewart was charged Thursday with violating the federal Health Insurance Portability and Accountability Act, which protects the privacy of medical records, and released on an unsecured bond of $5,000. She has not been indicted and did not have to enter a plea. She may face additional charges, said her court-appointed attorney, Scott Brower.
According to the charging document, Stewart said she had taken the records from the hospital when visiting a patient there between March 22 and April 1. Albaster police found the paperwork April 8 at a house where Stewart was staying, postal inspector John Bailey said in an affidavit.
http://blog.al.com/spotnews/2011/06/4500_patient_records_stolen_fr.html
MIAOULIS NOTE: This will be interesting to watch, if the indictment moves forward this appears to expand HIPAA beyond healthcare workers to the general populations. This may be the first time a non-healthcare worker was arrested for HIPAA. I am not an Attorney or prosecutor, so I will be watching.
Subscribe to:
Posts (Atom)