Archive for HIPAA Violations
St. Elizabeth’s Medical Center in Boston has agreed to a corrective action plan and civil fine of $218,400 with OCR to address deficiencies in its HIPAA compliance program following employee practices at the hospital that exposed ePHI on more than 1,000 patients.
OCR initially received a complaint in November 2012 that hospital employees were allegedly storing patient records containing PHI in an unsecure online document sharing application without analyzing the risks of doing so, according to a July 8 resolution agreement between OCR and St. Elizabeth’s. Those documents contained the ePHI of at least 498 patients.
The New York Giants reportedly didn’t even know their defensive-end Jason Pierre-Paul had one of his fingers amputated before his medical charts appeared in news reports July 8, but that’s a story for another audience.
ESPN reporter Adam Schefter isn’t in trouble for posting a picture on Twitter of what looks like Pierre-Paul’s medical chart—journalists aren’t covered by HIPAA—but staff members at Jackson Memorial Hospital in Miami and the hospital itself could be facing some stiff sanctions for releasing the records to a reporter.
A former financial counselor at an Alaska hospital will serve two years in federal prison for HIPAA violations in which she fed PHI on two patients to a drug kingpin who had caused the men to be hospitalized.
Alaska U.S. Attorney Karen Loeffler announced the news of the sentencing June 1, reports KTUU. Stacy Laulu, 33, received two years for each violation, but will serve both terms concurrently. She was convicted in January in the state’s first HIPAA conviction in Alaskan history and one of only a few such cases nationwide.
A nurse practitioner did just that, however, when she left her job at the University of Rochester Medical Center (URMC) in Rochester, New York, for a position at a local outside practice, Greater Rochester Neurology.
The employee took a list with her containing information on thousands of her patients and then shared that list with her new employer, all without getting permission from the patients, according to a press release issued May 26 by URMC.
Drug kingpin Stuart Seugasala was just convicted and sentenced on a string of federal charges that includes HIPAA violations in the course of running a violent drug trafficking ring in Alaska. Authorities said the trafficking ring imported and distributed illicit drugs, perpetrated armed home invasions, drive-by shootings, kidnappings, and sexual assaults.
The Alaska U.S. Attorney’s Office said it was the state’s first HIPAA conviction and one of only a few such cases nationwide.
Seugasala, 40, was sentenced May 15 to three life terms in prison following his conviction on drug trafficking and kidnapping charges earlier this year, but separate from that sentence was another 20 years for unauthorized access to medical records of two victims he hospitalized in 2013.