Page 15 - Part 2 Navigating Electronic Media in a Healthcare Setting
P. 15
SVMIC Navigating Electronic Media in a Healthcare Setting
Laws such as HIPAA demand that only authorized users access
medical records.
Laws are firmly in place that guide healthcare administrators and
staff as to the ethics surrounding medical records and patient
confidentiality. Failure to do so can result in hefty penalties,
potentially including criminal prosecution. Take a look at the
following case:
CASE STUDY
A 37-year-old female was brutally assaulted one evening in her
home. The patient was a well-known local celebrity and was
transported to the hospital with life threatening injuries. The local
news stations immediately broadcasted the news of her assault.
A physician who practiced at the hospital saw the broadcast and
while at home, logged into the EHR to view her records. Two
other hospital employees also accessed her records. Soon after
her admission, the patient died as a result of her injuries. Six
months later, the hospital was conducting random EHR audits
and found that the three personnel who had no involvement with
or relation to the patient’s care had accessed her records. The
case was investigated by the U.S. Attorney’s Office which found
that the physician and both employees had violated the privacy
provisions of HIPAA and criminal charges were filed. The
physician pleaded guilty to a misdemeanor violation of HIPAA
and was sentenced to one year of probation, a $5,000 fine and
50 hours of community service educating professionals on
HIPAA. The two non-physician employees received similar
penalties including termination from the hospital.
Page | 15
