
UCLA Hospital Hit With HIPAA Fine On Celeb Records

Trailrunner7 writes "The University of California at Los Angeles Health Services has agreed to pay an $865,000 fine and pledged to tweak their infrastructure after potentially violating the HIPAA regulation when several employees apparently accessed the health records of various celebrity patients at the hospital without valid justification. This is the third major HIPAA fine issued by the Department of Health and Human Services in 2011, following a fine of $4.3 million for Cignet and a penalty of $1 million for Massachusetts General Hospital."

  • by overshoot ( 39700 ) on Saturday July 09, 2011 @10:00AM (#36704080)
    Part of the system's design requirement is that caregivers should be able to access the records of an unresponsive patient. You know, the "found unconscious at an out-of-town auto wreck" scenario. And that's a worthy objective.

    Trouble is, it also means that ANY medical personnel, anywhere, have to have access to everyone's medical records. Obvious potential for abuse, so all of the protections have to be post hoc.

  • by ethanms ( 319039 ) on Saturday July 09, 2011 @10:07AM (#36704122)

    I was thinking it sounds like "fire those involved and make it very clear to all remaining employees that those involved were fired and are unlikely to get another job in the medical field after being terminated for a HIPAA violation...

  • by Tony Isaac ( 1301187 ) on Saturday July 09, 2011 @10:23AM (#36704190) Homepage

    I work in the electronic medical records industry, and I can tell you that HIPAA protects your privacy about as well as those multi-page "privacy policy" letters you get from your bank and other businesses...you know, the ones that tell you, in lots of fine print, that they will do whatever they want with your information.

    Sure, HIPAA requires doctors and hospitals to get your consent before sharing your information with others. That's why, when you see a doctor these days, you have to first sign that consent form! If you don't sign, you get sub-standard care, or have insurance hassles...basically, you have to sign. So tell me how THAT helps anything!

    What HIPAA DOES do well, is make it difficult for spouses (and other caring family members or friends) to find out what's going on with their loved ones when disaster strikes. It also costs hospitals and doctors tons of money to comply (I know, my company is the recipient of some of that money)...and that in turn drives up the cost of health care.

    HIPAA may have been created with good intentions in mind, but it is a travesty and can't be repealed fast enough!

  • by Tony Isaac ( 1301187 ) on Saturday July 09, 2011 @10:51AM (#36704396) Homepage

    You are correct, that is what HIPAA was supposed to be about. You are fortunate.

    The problem is, it all depends on how the specific doctor or hospital interprets their obligations under HIPAA. Some of them are reasonable, but others grossly exaggerate the level of privacy required by the law.

    In our business, we often have to read document after document just to try to understand the requirements. If WE have to do that, how in the world can a small doctor's office apply the law correctly? The truth is, they often make their best guess and hope the lawyers don't come after them.
