Pressure to Donate to Presidential Candidate Alleged As Part of Discrimination Charge...
News Flash - Hiring Externally is More Expensive....

The Medical Records of Paris Hilton - Would Your Team Violate HIIPPA and View Them?

New reports out of LA show that the UCLA Medical Center employees love looking at the medical records of celebrities.  Nice!

So, the employees got caught looking and now they're paying the price.  I get that.  I'm supportive. More interesting to me is that in a small, medium or large HR shop, HR people have access to a lot of PHI data, often without the login security and tracking that an EMR provides.  Also, a lot of data exists in medical files related to PHI.  Here's the $64K question.  If given the chance, would your HR people look at that data and maybe look up a code on the treatment provided?  Are you sure?

More on the UCLA Medical Center situation from the LA Times:

"Even after UCLA Medical Center warned employees that it was cracking down on unauthorizedParishiltondrunkdriving access to medical records, the privacy of a "well-known individual" was breached by two nurses and an emergency room technician who called up the patient's computerized records in mid-April, according to a critical state report released Monday.

Monday's report was the fifth by the public health agency following articles in The Times this year about UCLA employees' prying into the records of celebrities and prominent patients, including California First Lady Maria Shriver, actress Farrah Fawcett and singer Britney Spears.

State regulators continue to fault the hospital for failure to take adequate steps to maintain patient confidentiality. After the April violations, the report said, one nurse was fired and the two other employees received warnings.

The latest findings detail how one employee -- a former administrative specialist who faces federal criminal charges for violating Fawcett's privacy -- looked at the records of 939 patients "without any legitimate reason" from April 2003 to May 2007. In previous reports, the state had linked her to viewing the records of about 60 patients. She also looked at other personal information, including Social Security numbers, the state now says."

Now, that's what I call an admin gone bad... Do you even know what your employees have access to?  How do you protect access to this type of information on Joe Schmoe?  The same procedures/systems that protect Schmoe protect Paris. 

Human nature is at work here.  We're imperfect.  Name a privacy officer in your department and route all system access, dealing with Medical vendors, FMLA certifications, etc. through them unless someone has the need to know or is working the case.

I mean, can you imagine how many HR people would take a peek at David Hasselhoff's medical history?   The life-event section of the employee file alone probably requires one of those book-size rubber bands.... 

Comments

Michael Haberman, SPHR

I will tell you what, if that DOB for Paris in the picture is for real she could sell her anti-aging secret for a gazillion dollars.

Steve Roesler

Given what, graphically, Ms. Hilton has already chosen to reveal voluntarily via online media and elsewhere, I doubt that I'd get much of a buzz looking at her medical file.

And: If I were the attorney for the peeping Toms and Tom-ettes, I can visualize myself in front of a jury waxing poetic about the lack of distinction between publicly displayed private parts and privately kept allusions to parts acquired in the cosmetic aftermarket. One might call it the "Pep Boys" defense.

Alas, I am a weenie and if I signed papers saying "no peeking," I really wouldn't peek.

It will all show up on the E Network at 3 a.m. anyway.

Whatever happened to the easy HR stuff like, "My boss is threatening to fire me if I don't go to Pago Pago with him for the weekend?"

I wonder what Evil has to say about this one...

The comments to this entry are closed.