Monday, February 05, 2007

Doctor's innocent record transfer a hippa violation

Take a look... Innocent enough... an insurance company requests a file on a patient... This happens every day to doc's who accept assignment for insurance companies... ( For those of you that don't know that term it means docs who allow insurers to decide which of their services will be covered based on what the insurer decides ) Bottom line... Why not have secure access to your medical record and a doctor that you contract with directly for his or HER services?? Why not box out insurers from having ANY access to your medical record. In the future as genetic testing progresses, you do NOT want BCBS Aetna and UHC to know whether you're testing positive for diseases. As a physician why not utilize a system that emables your CLIENTS to have access to their own record and then they may do with it what they please. Incidentally, stop paying all this staff to DO something that is AUTOMATED via the web now??? Why not implement a service out of your office that PRINTS MONEY for you while providing a service families are DYING for??

Natalie Hodge MD
Founder and CEO Personal Pediatrics

A lawsuit involving HIPAA got the green light in December when the North Carolina Court of Appeals ruled that a patient could continue with her case. The patient alleges that a clinic "violated the rules and regulations established by HIPAA," but since she doesn't claim an actual HIPAA violation, she can keep fighting. The case had been dismissed by a lower state court, which ruled that the lawsuit was improper because HIPAA does not grant an individual a private cause of action. The plaintiff, Heather Acosta, was an employee of Psychiatric Associates of Eastern Carolina and was also the patient there, according to the opinion. She filed a suit in May 2005, against the clinic's owner, David Faber, M.D., alleging negligent infliction of emotional distress. The suit also alleges invasion of privacy and infliction of emotional distress against other defendants, including the clinic's office manager. At one point, Faber allegedly let the office manager use his medical record access number, and she "retrieve[d] plaintiff's confidential psychiatric and other medical and healthcare records," which she then gave "to third parties without plaintiff's authorization or consent," the opinion says. The plaintiff states that when Dr. Faber provided his medical access code, "Dr. Faber violated the rules and regulations established by HIPAA," the opinion continues. "This allegation does not state a cause of action under HIPAA. Rather, plaintiff cites to HIPAA as evidence of the appropriate standard of care, a necessary element of negligence," the court states. An attorney for Faber says that if his client's password was indeed used, it was done so without Faber's knowledge. "I don't see how he could be held liable for any kind of emotional distress claim," says attorney Nicholas Ellis, who is with Poyner & Spruill, LLP. Two defendants in the case have settled. The case against Faber and another defendant will proceed. Read the opinion for Acosta v. Byrum at

No comments: