Home > Newsroom > March, 2011 TechNews

 | SEND THIS PAGE | PRINT

Should I be concerned about my employees looking at my patients’ medical records for reasons not related to their job duties?


March, 2011, New Jersey Tech News - Yes, and you should take disciplinary action immediately if you discover an inappropriate access by one of your employees. According to news reports, employees of University Medical Center in Tucson were fired when the hospital discovered they had inappropriately accessed the medical records of Representative Gabrielle Giffords and other victims of the Tucson shooting. Under the Health Insurance Portability and Accountability Act (“HlPAA"), health care providers must have in place safeguards to protect patient information. These safeguards must include reasonable efforts to limit employee access to patient information to those employees who need access based on the jobs they perform. Anyone can file a complaint with the federal Office of Civil Rights alleging a violation of HIPAA. The OCR can then decide whether to investigate the complaint. If the OCR finds a violation occurred, they have the power to resolve the case with the provider through informal means, such as voluntary compliance or corrective action (including employee discipline). If a satisfactory resolution is not reached, the OCR may impose civil monetary penalties or refer the matter to the Department of Justice for criminal prosecution.

To see the full Q&A, click here.

As a member of the New Jersey Technology Council (NJTC), the Giordano Firm contributes a Legal Q&A column to the TechNews magazine. The Q&A covers topics across various legal areas that may be of interest to this audience. Our goal is to provide sound legal advice and effective strategies to resolve business issues.
Tags: Sharlene A. Hunt, Healthcare

Giordano, Halleran & Ciesla, P.C. | Middletown, NJ | Trenton, NJ | www.ghclaw.com | 1-800-842-1LAW