I recently left a major hospital where I was employed for over two years.
A few employees in my area accessed my medical records for their own personal curiosity, and my medical condition was the subject of discussion in my old office.
Is this a HIPAA violation?
Only one of these people is an actual medical provider and I was never treated by that person for any reason. What can I do about this?
Disclaimer: Our response is not formal legal advice and does not create an attorney-client relationship. It is generic legal information based on the very limited information provided. Do not rely upon the information in our response, or anywhere else on this site, when deciding the proper course of a legal matter. Always get a personalized case review from a local attorney.
For a HIPAA violation to have occurred, a “covered entity” heath care provider must have electronically disseminated personal medical information about a patient, and must have done so without the express written consent of the patient.
Under the facts you present, you did not authorize anyone to disseminate your private medical information. If the hospital knew, or should have known the information was likely to be accessed, and did nothing about it, the hospital itself may have committed a violation of HIPAA
To access your confidential medical information, someone must have electronically opened the document, or made it available electronically for those persons, including the actual medical provider, to see. If that’s the case, then you may be the victim of a HIPAA violation.
To report a HIPAA violation, contact the U.S. Dept of Health and Human Services.
The above is general information. Laws change frequently, and across jurisdictions. You should get a personalized case evaluation from a licensed attorney. Find a local attorney to give you a free case review here , or call (888) 647-2490.
Best of luck,
How Much is Your Injury Claim Worth?
Find out now with a FREE case review from an attorney…
Search for a Previously Answered Question