Government // Leadership
Commentary
12/2/2009
12:43 PM
Mitch Wagner
Mitch Wagner
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Texas Hospital District Fires 16 For HIPAA Violations

The Harris County Hospital District of Houston, Texas, fired 16 employees, accusing them of violating patient privacy laws by inappropriately accessing the records of a medical resident who'd been admitted to the hospital after she was shot in a grocery store parking lot.

The Harris County Hospital District of Houston, Texas, fired 16 employees, accusing them of violating patient privacy laws by inappropriately accessing the records of a medical resident who'd been admitted to the hospital after she was shot in a grocery store parking lot.A spokeswoman for the hospital district confirmed in an e-mail exchange with InformationWeekthat 16 employees were fired November 20 for violating Health Insurance Portability and Accountability Act (HIPAA), but declined to provide specifics.

However, the Houston Chronicle provides more detail:

A county employee who asked not to be identified told the Houston Chronicle that two high-ranking administrators told him the fired employees had looked at the medical records of Dr. Stephanie Wuest, a first-year Baylor College of Medicine resident assigned to Ben Taub General Hospital.

Wuest became a patient at Ben Taub on Oct. 29, after she was shot in a grocery store parking lot. She is expected to make a full recovery, her mother said [Nov. 25].

Most of the fired employees worked at Ben Taub. They include managers, nurses, clerks and other employees.

HIPAA requires healthcare providers to sanction employees for violations, but leaves the level of sanction to the healthcare provider's discretion.

"It could be that the district wants to draw a hard line against any violations of the law in order to discourage the federal Office of Civil Rights from imposing large civil or criminal financial penalties," said Stacey Tovino, a professor of health law at Drake University who writes frequently on HIPAA.

She noted that many institutions fire employees for that reason.

Still, Tovino said the level of sanction could be considered harsh given HIPAA's standards requiring institutions to report violations to the federal government. She said the law defines such breaches as those posing "a significant risk of financial, reputational or other harm to the individual."

Tovino questioned whether employees accessing a colleague's record out of concern about her prognosis would meet that threshold.

Wuest was described as "still slowly recovering" in a Nov. 28 report.

InformationWeek has published an in-depth report on e-health and the federal stimulus package. Download the report here (registration required).

Follow InformationWeek on Twitter, Facebook, and LinkedIn:

Twitter: @InformationWeek @IWpremium @MitchWagner

Facebook: InformationWeek Mitch Wagner

LinkedIn: InformationWeek Mitch Wagner

Comment  | 
Print  | 
More Insights
2014 US Salary Survey: 10 Stats
2014 US Salary Survey: 10 Stats
InformationWeek surveyed 11,662 IT pros across 30 industries about their pay, benefits, job satisfaction, outsourcing, and more. Some of the results will surprise you.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.