enforcement can lead to large fines

The Reality of HIPAA Violations and Enforcement

Who is ultimately responsible for enforcement of HIPAA and what types of penalties are levied when a covered entity or business associate is found to be non-compliant with the regulations? Many healthcare offices and their staff don’t know the answer to this question; they have only a vague notion about the enforcement and the consequences of not adhering to the law.

The real HIPAA enforcement agency is the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR). Complaints are filed with the OCR, and they are responsible for administering, investigating and enforcing the HIPAA privacy standards. The Centers for Medicare & Medicaid (CMS) enforce the code set and security standards.

The American Recovery and Reinvestment Act of 2009 created a tiered penalty configuration for HIPAA violations. But it is the OCR that determines the amount of each penalty, and it is dependent upon the nature and extent of harm that results from the breach. For example:

  • The fine for a first time infringement by someone who did not know they violated HIPAA could be as low as $100 or as high as $50,000.
  • The fine for a violation due to willful neglect, but corrected within the required time period, is a minimum of $10,000 per violation with a maximum of $50,000.
  • The fine when the willful neglect violation is not corrected increases from $10,000 to $50,000.

However, whenever there is a violation that is not considered willful neglect and it is corrected within 30 days of notice, the OCR cannot impose the civil penalty.

A Privacy Rule infraction can be considered criminal and may lead to prosecution by the Department of Justice if someone deliberately acquires or discloses a person’s health information; the fine is $50,000 and up to one year in jail. Whenever an offense is committed through deception, the fine is $100,000 and the jail time is 5 years. And, if person’s health information was sold, transferred or used for profit-making, or any type of personal gain or intent to harm, the fines can go as high as $250,000 with imprisonment for up to 10 years.

Knowing that enforcement of HIPAA is real and that the penalties can be financially and professionally devastating, healthcare offices need to prioritize their training efforts for all of their staff. There truly is no excuse for any healthcare office not to be thoroughly trained in HIPAA law, because if they are found to be out of compliance HHS will not accept ignorance of the law as a defense.

69 comments on “The Reality of HIPAA Violations and Enforcement”

  1. These fines our per individual and/or practice correct? The reason I ask is that my current manager and staff feel that the penalties only apply to the practice not to each of them if they are the violators. And I completely disagree with them based on all of my understanding on HIPAA.

    1. Fines are typically levied against the practice and are generally per occurrence, e.g. per record compromised.

      1. I have a very case specific scenario. I am in a current custody battle where both parties retained best interest experts. We both were ordered to take hair follicle tests. I unfortunately failed (the first one, second one passed). My adversaries “unethical” attorney sent a subpoena to the medical facility commanding all records pertaining to me. Without any signed authorizations, the facility sent all results to them ( via phone call to boot). By law, within the subpoena, a certain amount of days are given before the lawyer could obtain such records. if by chance such records were produced prematurely, it is the attorneys duty to close up the envelope, and send records back without looking; giving the opposing side the opportunity to put in a motion to quash. the following day an order to show cause was filed. My parenting time has since been altered to my detriment. I have gone full force. Any comments?

      2. what about gossiping and accessing patients profile? not knowing they violated HIPAA, can this individual go to jail?

      3. If the board of pharmacy investigated the phi violation, (due to coworker filed a complaint), can this individual be fined and go to jail?

    2. Individual workers have been prosecuted for violating HIPAA:

      •2004 – Richard Gibson, phlebotomist, stole demographic info from a cancer patient and opened 4 credit cards. Sentenced to 16 months jail and 9k restitution (per plea Agreement)
      •2010 – Huping Zhou, a UCLA researcher, was sentenced to 4 months in federal prison for snooping. UCLA agreed to pay an $865,000 fine
      •2014 – Joshua Hippler, East Texas hospital employee, indicted on charges of Wrongful Disclosure of PHI. If convicted, he faces up to 10 years in prison

      ALSO, Civil Suits are possible in addition to OCR penalties. For example:

      Hinchy v. Walgreen Co. et al
      •A Walgreen pharmacist was informed by her husband of past sexual conduct with Hinchy & possibility of a sexually transmitted disease
      •The pharmacist intentionally accessed Hinchy’s prescription information while at work
      •The pharmacist’s husband sent a text message to Hinchy, causing her to suspect that her information was impermissibly accessed.
      •In July 2013, jury awarded $1.44 M to Hinchy

  2. What happens to my co-worker if she accessed her husband’s ex wife’s record but did not disclose or use any of her information and it was a clinical setting and on a separate server than her actual doctors record? There wasn’t any information in the record other than phone scheduled appointments and basic demographic. My co-worker has since left healthcare.

  3. Is there any possible penalty for an employee who has not completed their HIPAA Privacy training course? For instance, a V.P. where I work was hired in August 2014, but has yet to complete the training, even after numerous reminders.

  4. An enemy went as far to find out my personal hospital record when I was in the Er posted it all ova Facebook I talked to head security of John Hopkins they dealing with it but this does not satisfy me one bit I need something done cuz she keeps posting in all groups


  5. Before taking the time and HAS of filing a complaint about a pharmacy tech that not only disclosed some as a pt then also degraded this person and told people that he/she was nothing but a pill head and other very negative information. Then lies about this person again after being warned but the pt. Biggest deal is the information got to children and was discussed again

  6. A nurse noticed my fiance and I in the obgyn and told half the town she was pregnant? We started receiving calls about it before we told our family. We could’ve been there for any reason but everyone knew why. I’m assuming she checked our records after she saw us.

  7. My wife was terminated from her job at a local hospital for accessing her mothers medical records while at work . She IS POA , how can she be terminated for violating hipaa?

    1. You cannot even access your own records unless it is required to perform your job. A few people I know let their co-workers handle their relatives’ cases even though they have right to access the medical records just to be safe. With medical records, if you have no job-related reason to see someone’s medical record, it is a violation.

  8. I was recently in a drug and alcohol treatment facility while there I was in contact with a residential aide who also works part time at a convenience store. On my discharge from the facility I managed to gain employment at the same convenience store. The residential aide is discussing my health issues with other employees and saying I’m willfully spread Hepatitis C to others. I would like to know how to take action and what my chances are of anything being done about this. I’m extremely embarrassed and mortified as I am not spreading anything around. Prior to learning this was going on I enjoyed my job and worked full time. I’m trying to build a life worth living but finding myself ashamed to continue my employment

  9. I believe my phi and another patient’s phi have been violated. On a visit to a hospital, I was placed on a gurney in the ER hallway with only a half size curtain pulled to “provide me with some level of privacy.” For approximately 3 1/3 hours I had to discuss my symptoms, and what could be the cause of my symptoms, and the results of my CT scan. In that time, nurses, people pushing carts with linens, and visitors simply walking past me and making eye contact while in incredible pain. When the doctor was finally found by my nurse and asked if I was ever going to be provided with something for my pain, the doctor told me and everyone around me about an infection that from April isnt going away. He proceeded to tell me that he would prescribe me a pain medication that I am allergic to and another medication that I was already taking. When I told him that I am allergic to the pain medication he was prescribing me he added he was going to prescribe an antibiotic and that would help with the pain. And again, I had been taking 4 different antibiotics since April. I replied the antibiotics are not working. He clearly got ticked off with me protesting stating well the pain meds don’t seem to be working. I reminded him of how many people I have had to look at and how uncomfortable I had been while being placed against a wall with a sign that read “transition 1” in a hallway, that I had to change in and out of a gown in a public restroom, and remained miserable the entire time I was there. He remarked this is all he would do. As if that was not a horrible experience I had, I had a follow up visit with my family doctor and he informed me that this doctor, Dr. Edward Lee, added remarks in my medical records stating something to the letter that I was seeking narcotics!! I also overheard this woman’s issue with her pain, her struggles with methadone, and cry to a nurse and doctor about her lack of care with no pain medication. How in heaven’s name is this sort of medical treatment moral and / legal? Might someone advise me?

  10. First, If I post on here Will I actually get a reply by someone in / from someone that works with HIPAA Law?
    Okay, I was going through a Work comp deal. The Office closed my case with out finishing with medical help. So, I requested all my Paper work so I can get a lawyer. In the Middle of the paper work, they sent me paper work for another individual in another state. It has all his Personal info on it except his full SS# just the last 4. I called the office and told them about it. But have not contacted me back about it. I’m NOT the type of person to mis-use this info. But, I’m Not sure how this works. I’m getting a Lawyer because this company is shady in the first place.. Now this! & is this the first time they have done this? IDK? What do I DO???

    1. If you think that HIPAA laws were violated, you can file your concerns with HHSC in your state. They will determine if the practice falls under HIPAA regulation.

    2. You need to report to the facility that provided you records that they provided you someone else’s records as well. The facility should make arrangements with you to get the records back and report the breach to the state and federal agencies.

  11. Is HIPAA only applicable to those in the healthcare field?
    I keep reading about the covered entities, healthcare providers, health plans, and healthcare clearinghouse. But if two people non medical people are talking about a third that was injured is this a violation of HIPAA? The two people gossiping have never seen any personal medical records they are only talking about what the third openly talked about at work.

    1. The HIPAA laws only are applicable to those entities that meet the requirement of payment set forth by health insurance and those working in health insurance that might have access to personally identifiable information in regard to patient files and sensitive medical records.
      Now, to be clear, not all individuals that work in health care related professions fall under the auspices of HIPAA regulation and thus HHSC cannot enforce or levy any sort of fine set forth in these laws. Also, the laws typically target the practice where that individual works and not the individual who commits the offense. So if Betty Jo works at Dr. Bob’s office and through the practice, learns Peggy Sue is pregnant and doesn’t know who the dad is, then decides she wants to talk about it at the next community social, she commits a HIPAA violation. If word gets around to Peggy Sue that Betty Jo has been gossiping about her medical issues, then Peggy Sue can contact the HHSC in her state and file a complaint. Once the HHSC personnel review her complaint, they may ask other questions to see if the provider falls under the auspices of HIPAA enforcement. If that’s determined, they will investigate Peggy Sue’s complaints. If those complaints are valid, then they will determine what actions, if any, need to be taken against the owner of the practice and the fines will be levied against the practice and not necessarily Betty Jo.
      Now if Betty Jo is just some lady that is in no way affiliated with Peggy Sue’s health care that heard “through the grapevine” about the pregnancy and starts the rumor mill, then it’s just too bad, so sad. In spite of how upsetting the Betty Jos in our lives are, we really don’t want our government levying fines on the town’s gossiper. The reason is because those same laws can be used on YOU, when you have never agreed to keep something in confidence. It doesn’t make you a Betty Jo, necessarily. It can be you just get accused of saying something that you didn’t realize was a secret and now HHSC is at your door, with little to no actual due process, for you to write a check because you “spilled the beans” about Peggy Sue, in spite of no ill meaning to do so.
      Referring back to “not all health care providers fall under the auspices of HIPAA regulation,” this is also important to note. Certain services that might be thought of as health care related, but aren’t typically paid for with medical insurance, like sometimes midwives, massage therapists, holistic healers, etc…these people likely may not fall under the auspices of HIPAA regulation and, if they go blabbing about the “disgusting wart on your back that has 3 eyes and speaks Japanse,” they won’t be fined or jailed and there is nothing, aside from writing a bad review online about them, that will happen to them.

      1. What if this is in a hospital among nurses and your medical information is being talked about when a person in charge was told not to discuss my health information? Can someone tell me what they think?

  12. Recently, an unknown individual at the practice where I work has intentionally posted confidential patient information to various web pages in an attempt to sabotage the company. Currently, the authorities have discovered over a dozen HIPAA violations and we are looking at a major lawsuit. I work at a small, private practice consisting of only 16 employees, plus the CEO. If the person or people responsible are not caught, who will be penalized, and what type of penalties are likely to be enforced?

  13. According to the different penalties applied to HIPAA violations, I notice this, “Willful neglect but violation is corrected within the required time period”. If the violation is release of PHI without consent, how can that be “corrected”? The information is already out there.

  14. Hospital requires wearing a mask throughout the entire hospital, not just working around patients, except the cafeteria,if an employee did not get a flu shot. The employee has a pre existing condition and is allergic to the influenza vaccine. Is this not a HIPAA violation in that now all the staff know that this employee has a medical condition? Also, can this be considered discrimination in that any person be it a patient, visitor, vendor….whom they don’t know whether they have received the flu shot or not can enter the hospital at anytime and not be required to wear a mask?

  15. I work in a medical office a patient came to my window I asked her for her new insurance card as instructed to me by my office manager. The patient was in the middle of telling me that her husband had left her and her took her of his insurance and that she was applying for Medicaid which would backdate to the date of services. Before I as through with the patient the practice manager comes to the window and tells the patient she has a 200.00 balance, the patient was upset…This patient also had dropped off a form to be signed by the Dr. for employment and on the form it asked if the patient had any mental illness it happens that the patient has bipolar she waves the paper in front of me and says to the patient :”I don’t think you want this form for employment since it states ‘YOU ARE BIPOLAR”. The patient was upset as well as I was so upset and even though there were no other patient’s in the waiting room it certainly wasn’t my business or my two coworker business that that patient has bipolar disease. what would be the best thing to make sure this does not happen again and believe me it happens all the time. what are my rights as an employee if the patient does not make a formal complaint

  16. I was a healthcare professional for 28 yrs, but did not in a setting of direct patient care, more use of medical decisions for injured workers. I was in a ” voluntary program ” and 8 mths from completing 10 yrs and graduating. I was required to attend an evaluation ONLY by a physician in a different county. Results were that I had to voluntarily surrender my license permanently, to never practice the only profession I have have known. Subsequently, I learned the “evaluator ” ran the PDMP without any written authorization. I realize I may not get my license back, but I feel the evaluator’s actions and info he shared with at least 4 others without my written consent is a violation of my HIPPA rights. Could someone please advise. To clarify, I never had any complaints/grievances by any patients or employers! Please advise! Thank you

  17. The post-truth era is just not here truly yet. Refactual’s objective can be to clear the perplexity between truth as well as belief. How okay do we do? Check us out!

  18. I’ve been seeing my primary care doctor for a year now that was assigned to me after my other doctor retired … Well i have Lupus and scleroderma and some other health issues … And this I’ve seen him 10 times in a year and for some reason he never remembers me as so yesterday morning i had a appointment with because for the last 3 months I’ve had to go see him because I’ve been down with my lupus and for over a month I’ve had one the worst headaches that started with a migraine ….So yesterday morning he walks in and says so you been having headaches who is your primary care doctor and i said are you kidding me why don’t you remember me I’m your patient …You have been writing my meds do you even know what you have been writing my meds for … And this primary care doctor told me know i have not read your medical records not once … And then ask me what kind of insurance did I have and i told him I’m on SSI and I’m Medicaid that’s why i have to come there so he told he had to see my SSI paperwork…. Well isn’t private … And then he told me i to come home and get them so he could go through them ….My SSI paperwork has nothing to with what he was seeing me for …. And then once i returned he openly in front of other patients said you need to have a hepatitis C blood test well one number that horrified me and embarrass me number i have Lupus not that i have a rheumatologist and a copy of his records are with my medical records at the doctor’s office … But it even got worse he had me so upset crying in front of people …Then he said well maybe i need to do a UA on you well that’s fine because he has never done anything …Then he tells me none of my meds are in me … Well I’m not on pain meds I’m on Topamax for migraines and Plaquenil for scleroderma from the Lupus and Valium for severe anxiety attacks and meds for restless leg and Lasix and Protonix and Carafate and inhalers for asthma …. Well the thing about it being on 400 mg of Topamax a day will cause a false negative on a UA test he is a doctor he should know that because Topamax speeds up a person’s metabolism…Topamax is used for migraines neurological problems people with seizures and also to help people lose weight …. But my doctor went crazy yesterday morning he was screaming at me in front of patients …I don’t understand why you don’t remember you’re patient and what there health issues are and why all at once he wants to see my private SSI paperwork than are private documents… Shouldn’t this be against my Hipaa Law

  19. My husband and another patient have had their medical billing ‘co-mingled’ with each other. We’re received his billing, plus diagnosis descriptions and procedure descriptions on the bills, have been charged and paid co-pays, billing balances that were not ours. I know that HIPAA refers to ‘willful’ disclosure of medical record information. Would this be a case for HIPAA? I believe this may be extending back as far as 13 years and we have just discovered it. Please advise.

  20. What if my husbands ex wife accessed our online health tecords by changing our usernames and passwords and having thrm sent to a major corp email address i did get verification in thr mail today that she changed thr password had it sent to her work email e ghr ip address and what she has accessed this has been very heated she has not right legally to acess our PHI and has fraudulantly changed the information yo hers. It say to contact out local law enforcement what law can can we get her on ???

  21. Help! I am a dispatcher for a private ambulance service. last week we had an employee call in and I was asked by my on duty supervisor to order a well check on this co worker. later I was informed by my street sup that this person tried to kill themselves and this was what was going on. I was defending the person and said oh she tried to kill herself. Tonight my street sup asked me if I had said anything and I told the truth, but here is my question? is this a violation, we didn’t treat transport or dealing with this patient at the time of her crisis. if it’s a violation that I told someone wouldn’t it be a violation that my sup told me to begin with… I have 2 babies and don’t want to go to jail and can’t afford a 10,000 fine or to loose my job

  22. What would you recommend if there was an employee with boundary issues at a facility and proceeded to have a relationship with a patient after their discharge?

  23. At a hospital I worked for, three flowsheets came up missing. As far as I know no one has found them. Multiple nurses and staff had access to them. Do you know what could happen in the situation?

  24. My ex husband is a DPM, he and his partner at his practice accessed my medical records as well as my new husbands medical records. The Cleveland Clinic confirmed that this happened and we have a letter in writing from them with the dates and what was accessed. What can I expect will happen when I file a complaint?

  25. We have informed two separate medical entities of serious HIPPA violations. Medical records, my son’s and mine were violated in so many ways it would be difficult to list them. In once instance a patient portal was created in my name, my records viewed. Company initially beautifully reactive- kept me informed but elusive on what happened to violator. Then claimed nothing happened, please go away.

    School obtained medical records for a kid over 14 without his consent, no, FERPA does not apply with NO medical person employed there or reason to obtain records. My son’s were passed around and viewed like a magazine by non-medical people, intent was to ‘ un-diagnose ‘ this kid, and claim truancy. They said medical excuses we provided would be invalid- your tax dollars at work, btw. No, really. True story, in fact I’m guessing someone will recognize this and blow a gasket. Complain? Of course. HIPPA means not a thing, I am sorry. This is not snark- it is what we experienced.

    We told both medical companies where to look for the violators. As far as we can ascertain by the continued breaches of our medical records, not a thing was done. We did contact HIPPA just once in our state. When told they could find no violation, we gave up. It was a terse communication, intimidating on their part. This is PA. Perhaps it depends on which state.

    There’s also a horrendous story involving a court order to give someone the password to a patient portal. True story. I’d be breaking the law to do that, and in contempt of court not to. Where’s HIPPA when lawyers and courts put patients at risk? We sent the whole mess to the hospital’s legal department, copied everyone involved and stopped believing HIPPA protects medical records.

  26. So where I work we use electronic tracking systems for our emergency room. A patient came in and was also an employee who had not come into work that day. I noticed the name on our phlebotomy list, and I opened the chart to make sure the tests were times correctly. I accidently went into the notes instead of the orders and someone sitting next to me noticed I was in said patient’s chart. They had told the patient what I did and now am being investigated…… Did I really violate HIPAA?????

  27. Hospital failed to return health insurance card, lost my son’s wallet and phone. The nurse did not return my card to me. Sicurety refused to give me his belongings. Hospital blames ambulance service ambulance service blames mental health facility. I’m getting the run around.

  28. You want to hear willful malice. My gyno posted my entire medical record with my photo containing fake information about me on a court file system without my consent or a court order. He posted it for his malicious lawsuit based on his medical fraud suing me his patient for speaking out about his fraud and what him and his staff did to me. He posted my record to benefit himself in his lawsuit and altered the information to coincide with his case of lies. His Lawyer posted it as a business associate. It was not censored, mostly irrelevant, and available for the public to view for days. It also pointed my signature on medical contracts, the financials of my insurance, my insurance information, and countless identifying information. My medical record contains fraud information that will not be fixed because from day one when I confronted the office i have been called a liar so that he could charge for excessive services. The lawyer originally argued it was relevant and not a crime and just left it there. I had to get the judge to force them to seal it. It’s still there. I have been refused to amend my record. I put in a complaint about fraud to my medical insurance and even at my request I am denied the right of access and he refused to send my record to my insurance. My insurance sent people over and he flat out refused to cooperate or hand my record over. Although he had no problem posting it publicly on the e-file system. I can’t believe how bad and blatant this is. This is beyond willful and malicious. I hope that HIPPA really does enforce the law. I feel beyond betrayed and humiliated. My sexual health isn’t something that should be on public display. falsified, and then used against me. Since i am still being sued by this doctor for my yelp review I am not posting my name but complaints have been filed. I really do hope there is some justice I am so disgusted.

  29. My question is my doctor retired & sold his practice to another doctor. THE NEW doctor whom I have NEVER heard of LET alone SEEN will NOT REALSE MY MEDICAL RECORDS TO ME.He says he will ARCHIVE them & CHARGE me for a copy. HOW is this legal? WHEN I had NO prior knowledge or GAVE MY CONSENT to this doctor? I HAVE to give WRITTEN consent when I want or need to share my test results amongst MY DOCTORS. So HOW are these doctor’s GETTING AWAY WITH SELLING MY MEDICAL INFORMATION TO ONE ANOTHER? And we WONDER how ALL OF THIS INSURANCE FRAUD IS HAPPENING! I FEEL COMPLETELY VIOLATED!!

  30. I am seeing a LPC at lifelinks in Mattoon Illinois. She has shared information from my file with her supervisor many times without my consent. She is also talking about me with her coworkers (other counselors) how do I make an official report to h i p p a? What is the phone number or address please?

  31. Er sent an automatic fax to my pcp disclosing info that I did not want shared with ANYONE now I have to find a new pcp can not go back there and keep my head down because I’m embarrassed and hope I don’t ever run into anyone from that office on the street ps what I went to the er for had nothing to do with the result they sent then I see that it doesn’t matter what I’m going thru I have to make complaints phone calls and start all over with a new doctor non of it is my fault and even if I do complain they don’t do shot for me they fine them and keep the money them selves !? Where does that money go that your gonna get for my misfortune and the horrible situation I’m going thru?

  32. Question social sevices were going to pay a dentist bill 4 me my fst appt i showed up a little tippsy because my tooth really hurt the dentist office valled socoal services n told them i showed up drunk no ss wont help me i never gave anyone permission to talk about me or my problems what should i do its in md

  33. When my 95 yo Father was in a hospital, a person NOT RELATED TO HIM OR HIS FAMILY, put on his Hospital form, that she was his “daughter”. Besides being a misrepresentation and/or fraud, would it not be a HIPPA violation as private/personal medical information was shared with her, that should NOT have been . What recourse do I have to protect my Father’s medical privacy?

  34. I have a question. I’m a patient at a methadone clinic. My counselor told another client my personal business about my recent relapse. This client then took that information and told my employer and now I’m kicked out of a business that I helped create. What can I do please?

  35. I have a question. I’m a patient at a methadone clinic. My counselor told another client my personal business about my recent relapse. This client then took that information and told my employer and now I’m kicked out of a business that I helped create. What can I do please?

  36. Would it be a HIPPA violation if someone text messaged a third party person about an emergency involving an allergic reaction in a specific child care room and the date of the occurrence? (The person didn’t give out the child’s name, age, DOB, what caused the reaction [what the person was allergic to] and if it was a known or non-known allergy).

  37. Hello,

    My 15 year old son had an MRI. I later found out that the Radiologist miss read the MRI images. I asked the owner, who is a Doctor, to have another Radiologist in the office rereview the MRI. I later received an email from the owner that the Radiologist that miss read the MRI sent my son’s MRI to some of his “Professional Friends” to review. Later, I took the Radiologist and owner to small claims court for the perception error. During discovery I found out that they sent my son’s MRI to another Radiologist who prepared a declaration about the mistake made. They did not even bother to redact my son’s date of birth. What would be the penalties for this? Thank you.

  38. A dr. Told a family member of my moms condition via a phone call even though im her daughtet & on her medical papers.

  39. A Women I know works for Sharp Medical Offices in San Diego. I discovered in October of 2015, from my ex-husband that she looked up the medical information for his ex girlfriend and gave this information to my ex-husband in May 2015, and unauthorized third party. The information included the ex-girlfriends medical information and that around April 14-20th 2017 she was prescribed some anti-anxiety medication. The purpose of the information look up was to see if the ex girlfriend was pregnant. I am not sure of the outcome, but that was the information that I received. Is this something that I can send in a compliant to HIPPA about

  40. I am a patient at a clinic where I am on a self help program which requiresmonthly u.a.’s. I tested dirty for first time ever. Nurse who did intake called my job at high school and told staff to test all substitutes because one of their substitutes is a patient at theur clinic and just tested dirty. Well i was only sub getting leave at tge time for Dr visits. Came back to work and was told to go home u was no longer needed. Can I file a lawsuit and remove all my records from this particular office?

  41. I recently sent my boss private health information concerning myself. I wanted to disclose this to her because it was in my first 90 days of employment at a health plan. After I sent her the information, which was very private and detailed, my boss informed me that my co worker was also on that same line and so my information was carelessly exposed without my knowledge. Is this a violation. I work for a health plan and the boss is my director.

  42. I was admitted into the hospital from an ER at a facility located in a different city. I was transferred by ambulance. During my arrival I was wearing the gown given to me from the Er. A nurse walked in and said I had to change into a different gown. I asked if the curtain could be closed because the window blinds were open and I could see lights from outside buildings on even though we were on the 2nd floor. She replied with no your fine and pulled off my gown and I immediately covered my breast and she pulled off my top. I felt very sick and didnt say anything after she did that but the next day I told the charge nurse what had happen. What can I do about this. In the same hospital I was going to get and xray and the tech forgot an apron. She asked if I was pregnant I said no I had a test but I still wanted to cover my reproductive area as I still plan to have children. A Male person in scrubs came into my room and said I didnt need one. When I said I wanted one he said I called the on call doctor you don’t need it. I asked who are you and what do you do here since he never identified himself he showed his badge and said I’m a rn I asked what’s your name. I explained I felt it was necessary to protect my self. He said ya ok necessary sarcastically. I said please get me your charge nurse. Other things have happened including poor doctor documentation. What can I do about all this I need help. I was told if I leave its against medical advice and can become an issue. But I’m not comfortable with my level of care.

  43. A nurse had gave out my medical condition over the phone I didn’t give her permission and they where told to let me tell who I wanted to and not the situation was embarrassing and I didn’t want everyone to no to be honest I didn’t want no but my sister to no but the nurse still gave out my information any way is that considered a hipaa violation

  44. If a office manager of a practice discloses private patient-physician conversation AFTER she retires and leaves the practice, is that still constitute a HIPAA violation against the practice? Is there a specific timeline related to employees who leave a specific practice with personal knowledge of patients?

  45. My ex-girlfriend is a nurse. I was hospitalized with a stroke about a year ago. She did not work at that hospital, but is threatening to disclose my personal medical history to my employer(and any future employer), in hopes of me being let go. Is this any sort of HIPAA violation, even though she’s not employed at that particular hospital? She works at a different one within the same state. Should i go to the Nursing Board and inform them? She is currently a LPN but will be starting the RN program in the fall.

  46. I asked my PCP To mail me aSenior flu vaccine script. Her office is1 hr away and I have no transportation. I’m disabled in chair and My disabled lift van Doesn’t consider a shot a medical appt so therefore won’t pay it- it costs $20.00 round trip for a shot.I asked the pcp nurse if Dr could mail me the script and was told NO because of HIPPA law? I can’t find that anywhere that states a dr can’t send a non Opioid script to patient so I can get shit at my medi clinic next to my building?

  47. At Baptist Health Medical Group on State Street in New Albany, Indiana, the Physician sees his patients then goes into his office with his door open and dictates the entire visit into an audio machine where his patients and the Nurse Practitioner who share the same office, her patients as well when they check out can hear the entire visit … the patients have even commented on him dictating their cases…it is a family practice where everything from STDs to Opiate Abuse, which he has a special license for are discussed…when asked I refer them to the manager but this continues… I have recently left the practice due to unprofessionalism and the lack of patient care & privacy…I don’t think they truly understand the exact meaning of HIPAA…they talk it and they have meetings… but they tell you not to shut your computer down when you walk away or go to lunch because it takes to long to bring it back up and the patients have to wait… they are signing in other employees into computers when they are not on time… which again in training we were trained absolutely not to do this…passwords are supposed to be yours only…someone needs to make sure they understand this is serious violations…I tried but just get retaliation or the worst environment I have ever had to work in for saying anything…

Leave a Reply

Your email address will not be published. Required fields are marked *