Texas Hospital District Fires 16 For HIPAA Violations

The Harris County Hospital District of Houston, Texas, fired 16 employees, accusing them of violating patient privacy laws by inappropriately accessing the records of a medical resident who'd been admitted to the hospital after she was shot in a grocery store parking lot.

Mitch Wagner, California Bureau Chief, Light Reading

December 2, 2009

2 Min Read
InformationWeek logo in a gray background | InformationWeek

The Harris County Hospital District of Houston, Texas, fired 16 employees, accusing them of violating patient privacy laws by inappropriately accessing the records of a medical resident who'd been admitted to the hospital after she was shot in a grocery store parking lot.A spokeswoman for the hospital district confirmed in an e-mail exchange with InformationWeekthat 16 employees were fired November 20 for violating Health Insurance Portability and Accountability Act (HIPAA), but declined to provide specifics.

However, the Houston Chronicle provides more detail:

A county employee who asked not to be identified told the Houston Chronicle that two high-ranking administrators told him the fired employees had looked at the medical records of Dr. Stephanie Wuest, a first-year Baylor College of Medicine resident assigned to Ben Taub General Hospital.

Wuest became a patient at Ben Taub on Oct. 29, after she was shot in a grocery store parking lot. She is expected to make a full recovery, her mother said [Nov. 25].

Most of the fired employees worked at Ben Taub. They include managers, nurses, clerks and other employees.

HIPAA requires healthcare providers to sanction employees for violations, but leaves the level of sanction to the healthcare provider's discretion.

"It could be that the district wants to draw a hard line against any violations of the law in order to discourage the federal Office of Civil Rights from imposing large civil or criminal financial penalties," said Stacey Tovino, a professor of health law at Drake University who writes frequently on HIPAA.

She noted that many institutions fire employees for that reason.

Still, Tovino said the level of sanction could be considered harsh given HIPAA's standards requiring institutions to report violations to the federal government. She said the law defines such breaches as those posing "a significant risk of financial, reputational or other harm to the individual."

Tovino questioned whether employees accessing a colleague's record out of concern about her prognosis would meet that threshold.

Wuest was described as "still slowly recovering" in a Nov. 28 report.

InformationWeek has published an in-depth report on e-health and the federal stimulus package. Download the report here (registration required).

Follow InformationWeek on Twitter, Facebook, and LinkedIn:

Twitter: @InformationWeek @IWpremium @MitchWagner

Facebook: InformationWeek Mitch Wagner

LinkedIn: InformationWeek Mitch Wagner

About the Author

Mitch Wagner

California Bureau Chief, Light Reading

Mitch Wagner is California bureau chief for Light Reading.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights