Tuesday, May 4, 2010

Prison for HIPAA Privacy Violator

There are so many strange aspects with this case that I am not sure I would draw such a tight headline to HIPAA. The main part of the story that I don't think is made clear is that this is yet another case of an employee getting FIRED and their account not being disabled for at least four weeks.
On Oct. 23, 2003, he received a notice of intent to dismiss him for performance reasons that did not include illegal access of medical records. That evening, he accessed medical records of his superior and co-workers, and during three other periods during the next four weeks accessed UCLA patient records, many of them involving celebrities, a total of 323 times, according to the FBI office in Los Angeles. More