HIPAA Indictment: Compliance Catalyst?High-Profile Case Could Renew Awareness of Privacy Rule
The U.S. Attorney's Office for the Eastern District of Virginia says a federal grand jury has indicted a physician who is alleged to have provided health information about a patient he treated for mental illness to an agent of the patient's employer, without obtaining the patient's authorization. And that's a serious allegation, to be sure.
The prosecutors say the physician "made the unauthorized disclosure under the false pretenses that the patient was a serious and imminent threat to the safety of the public, when, in fact, he knew that the patient was not such a threat."
When's the last time your organization educated clinicians about the HIPAA privacy requirements?
If convicted, the physician could face a maximum penalty of five years in prison. His attorney told a local news website that the doctor plans to plead not guilty in the HIPAA case.
If the physician is convicted, a stiff prison sentence would send a strong signal about the importance of abiding by HIPAA.
In the meantime, when's the last time your organization educated clinicians about the HIPAA privacy requirements? You might want to double-check.