Once again, a healthcare worker’s inability to resist the temptation to snoop in her employer’s medical records has resulted in criminal prosecution. In the latest incident, a Vermont ultrasound technologist improperly accessed the electronic medical records of her husband’s former wife and her children, allegedly over a period of 12 years. The victim, also employed by the… Continue Reading
Tag Archives: Enforcement
Rite Aid settles HIPAA Claims for $1 Million
Posted in HIPAA EnforcementIn a press release dated July 27, 2010, the Department of Health and Human Services announced a settlment under which Rite Aid Corporation and its affiliates have agreed to pay $1 million to settle potential HIPAA violations. The pharmacy chain also entered into a consent order with the Federal Trade Commission. HHS reports that the… Continue Reading
A First: Connecticut AG Settles With Health Net Over Breach For $250,000
Posted in LawsuitsIn the first settlement of a HIPAA enforcement action brought by a state attorney general under the new authority granted by the HITECH Act, Connecticut Attorney General Richard Blumenthal announced that the state had entered into an agreement with Health Net for failing to secure patient health and financial information. The AG had brought suit… Continue Reading
California Hospitals Fined for Employees’ Unauthorized Access of Patient Records
Posted in Privacy & SecurityThe more famous the patient, the greater the temptation to peek at his or her medical records. This is why California enacted health privacy legislation in 2008. Among the latest providers to be fined by the state is Ronald Reagan UCLA Medical Center in Los Angeles, reportedly as a result of two employees’ unauthorized access of Michael Jackson’s medical… Continue Reading
Snoop Through Records, Go Directly To Jail
Posted in ArticlesA former researcher at UCLA has the dubious distinction of being the first person sentenced to prison under HIPAA for snooping through medical records. The Justice Department press release reports that the researcher, Huping Zhou, who admitted to illegally reading private and confidential medical records, mostly from celebrities and other high-profile patients, was sentenced to… Continue Reading
OCR’s HITECH Act Rulemaking and Implementation Update
Posted in HIPAA EnforcementOn March 15, 2010, the Office of Civil Rights of the Department of Health and Human Services published an update on their rulemaking and enforcement efforts under the HITECH Act. It can be accessed here. OCR acknowleged that they are still working on rulemaking covering business associate liability; new limitations on the sale of protected health… Continue Reading
HHS Issues Interim Final Rule to Implement the HITECH Act’s Strengthened Civil Money Penalty Scheme
Posted in HITECH ActOn October 30, 2009, the Secretary of the HHS adopted an Interim Final Rule amending HIPAA’s enforcement regulations relating to the imposition of civil monetary penalties (“CMP”). Most significantly, the Interim Final Rule distinguishes between violations occurring before February 18, 2009 and violations occurring on or after that date with regard to the penalty amount… Continue Reading