Tuesday, August 25, 2009

Arkansas Doctor and Hospital Employees Plead Guilty to HIPAA Violations

A doctor and two hospital employees at St. Vincent Infirmary Medical Center in Arkansas face a maximum penalty of one year in prison and/or a fine of up to $50,000 because of their curiosity. All three parties have pled guilty to unrelated misdemeanor violations of HIPAA laws.

Dr. Jay Holland admitted to accessing a patient's record after seeing a news report. Dr. Holland accessed the record in order to determine if the news report was true. His privileges were suspended for two weeks and was required to complete on-line HIPAA training.

Sarah Elizabeth Miller, a former account representative at St. Vincent, admitted to accessing a patient's records 12 times. Miller, who had received HIPAA training, was fired after admitting that curiosity was the reason why she had accessed the records.

Canada Griffin, an emergency room unit coordinator, was asked to set up an alias for a patient. After the patient was moved the the ICU, Griffin was curious about the patient and looked up the patient's medical charts. Griffin was also fired from St. Vincent.

All three situations show how simple curiosity can turn into a serious HIPAA violation that can compromise your employment. Make sure that the members of your medical staff and staff in your medical services office are well-trained in HIPAA to prevent violations in your facility.

Source: Federal Bureau of Investigation, Little Rock

1 comment:

Mike said...


Yes it is true due to lack of knowledge and proper HIPAA Training, many of the hospital as well as covered entity staff gets in such a situation of violating hipaa security and privacy laws. The breaching of vital patient information happens, and this will happen as long as a proper HIPAA training is not provided to the concern person handling the patient information. It is having said that many of the hospital staff including the doctors are unaware about the hipaa security and privacy law and accidentally breach out the vital patient information, and to avoid such incidence HIPAA Training is only one of the most important option. So if he or she is a doctor, nurse, MT or any concern person handling the patient information, he/she has to go through the HIPAA Training. Here is one of the website http://hipaatraining.net/ that can help healthcare organization, covered entities as well as individual seeking HIPAA Training