Prying In Britney Spears' Medical Records May Cost Employees' Jobs
In violation of privacy rules, UCLA Health System employees reportedly accessed the pop star's medical records without authorization.
Employees of the UCLA Health System may be disciplined for unauthorized access to Britney Spears' patient records during her most recent stay for a mental health evaluation.
Media around the globe reported that Spears was involuntarily hospitalized from Jan. 31 through Feb. 6, so psychiatric staff could determine whether she was a danger to herself or others. During her hospitalization, gossip outlets and traditional news media also reported on her interactions with staff and visitors during her stay.
Now, the Los Angeles Times reports that 25 staff members, including six physicians, could be disciplined for accessing the pop star's records without authorization.
The Health Insurance Portability and Accountability Act (HIPAA) sets national standards for securing and protecting patient health information. Hospitals have strict policies against disclosure, with some exceptions for insurance payment and law enforcement investigations. Many health providers refuse to verify that they have treated a particular patient.
UCLA's medical center said it immediately launches investigations into possible confidentiality breaches, but it could not comment on reports that 13 employees could be fired for viewing Spears' medical records. The statement named Spears and said it was the medical center's only response to reports that its staff would be fired over access to the star's records.
"UCLA Health System considers patient confidentiality a critical part of our mission of teaching, research, and patient care," UCLA explained in the statement. "All staff members are required to sign confidentiality agreements as a condition of their employment and complete extensive training on HIPAA-related privacy and security issues. We have stringent policies to protect patient confidentiality and address violations of those policies. When possible confidentiality breaches arise, UCLA immediately launches an investigation and appropriate disciplinary action would then be initiated. Due to the confidential nature of both patient and personnel issues, no further information is available."
According to the Times, which cited an unnamed source familiar with the situation, 13 employees could be fired and six could be suspended, while another six physicians could be disciplined for accessing Spears' medical records.
Despite concerns that electronic health records could threaten patient privacy, statements from the hospital's compliance and privacy chief indicate that computerized records could help pinpoint culprits.
Carole Klove, chief compliance officer, told the Times that employee passwords allow the hospital to monitor employees' computer activity, including what the employee viewed and for how long.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.