HIPPA violation????

Status
Not open for further replies.
J

jessejohnson

New Member
My ex-wife and I have a daughter who seeks routine medical care at a local Family Practice Center, my ex- mother-in-law is also the "office manager" at this facility. My ex-wife comprised custody court documents to be filed at the local courthouse, included my name, address, social secuirty number, birthdate, and contact number along with attaching copies of our current custody court order with contained both my personal information, our child's personal information, and information pertaining to my current wife. My ex-wife then transmitted this paperwork, along with a petition for emergency custody secondary to suspected endangerment of our child's welfare to her attorny's office on a Sunday from the Family Practice Center. This medical facility is not oopen on Sundays, so my ex-wife either had access to the fax machine at this physican office, or my ex-mother-in-law faxed it for her, either way, my information was not permitted to be faxed from this physican's office due to I had no knowledge, personal custody matters were exposed into a medical setting where both my ex-wife and I are responsible for bringing our child for care, we share 50/50 split physical and legal custody. It was recently brought to my attention that once again, my information relating to custody court proceedings, along with our child's personal information, and my current wife's information was transmitted via fax from this physican office to an attorney's office, this time on a Tuesday afternoon; whereas, the office was open and my information was subjected to the viewing of additional medical staff. Is this a violation of my privacy rights, and what measures can I persue to not have this continue to happen. I live in a small community, and now my personal information seems to have become public????
 
Violation of your privacy, huh? Hint: no one will care.
Hint: many will gossip and gawk.


Sent from my iPad3 using Tapatalk HD
 
jessejohnson said:
My ex-wife and I have a daughter who seeks routine medical care at a local Family Practice Center, my ex- mother-in-law is also the "office manager" at this facility. My ex-wife comprised custody court documents to be filed at the local courthouse, included my name, address, social secuirty number, birthdate, and contact number along with attaching copies of our current custody court order with contained both my personal information, our child's personal information, and information pertaining to my current wife. My ex-wife then transmitted this paperwork, along with a petition for emergency custody secondary to suspected endangerment of our child's welfare to her attorny's office on a Sunday from the Family Practice Center. This medical facility is not oopen on Sundays, so my ex-wife either had access to the fax machine at this physican office, or my ex-mother-in-law faxed it for her, either way, my information was not permitted to be faxed from this physican's office due to I had no knowledge, personal custody matters were exposed into a medical setting where both my ex-wife and I are responsible for bringing our child for care, we share 50/50 split physical and legal custody. It was recently brought to my attention that once again, my information relating to custody court proceedings, along with our child's personal information, and my current wife's information was transmitted via fax from this physican office to an attorney's office, this time on a Tuesday afternoon; whereas, the office was open and my information was subjected to the viewing of additional medical staff. Is this a violation of my privacy rights, and what measures can I persue to not have this continue to happen. I live in a small community, and now my personal information seems to have become public????
Click to expand...


Were your medical records accessed without your permission and then transmitted?

Answer my question please.
 
My $0.02: A HIPAA violation does not necessarily have to include medical records; it could be any personally identifiable info (SSN, address, ID/phone number, ...).
It does not have to be the OP's info; I could file a violation against a medical office for violating the HIPAA laws, without any individual's knowledge or consent. (This is how many healthcare establishments get nailed by disgruntled ex-employees.)
HHS is beginning to act like the IRS :)

The medical office here needs to stop its workers from using its fax machine for non-official use, especially since they are subject to HIPAA. A complaint to HHS about this incident would take care of that. At worst, OP would be told he/she doesn't have a covered complaint, with no penalty for bringing it to HHS' attention.
If HHS decides to investigate, OP might have to prepare for some retaliation from the parties concerned.

FYI, I have worked in places (subject to HIPAA), where one could get terminated if caught on the premises with a wireless network device not registered with their IT Dept that could transmit any of their info out of there.
 
HIPAA SPECIFICALLY covers "protected medical information".

This protection does not extend to addresses, phone numbers and the like.

I have worked both "for" and "against" the FDA in my time, and yeap, I'm painfully aware of what HIPAA does and does not involve.
 
Interesting... While working on the software systems, we were told anything that could individually/personally identify a patient (even if medical history is absent), like enrollment info, was covered under HIPAA.
 
I would expect the ex wife already had all of that information. Perhaps she was just making use of the fax machine? Nothing wrong with that.
 
HIPAA -
What Information is Protected

Protected Health Information. The Privacy Rule protects all "individually identifiable health information" held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information "protected health information (PHI).

"Individually identifiable health information" is information, including demographic data, that relates to:

.the individual's past, present or future physical or mental health or condition,
.the provision of health care to the individual, or
.the past, present, or future payment for the provision of health care to the individual,
and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual. Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).

The Privacy Rule excludes from protected health information employment records that a covered entity maintains in its capacity as an employer and education and certain other records subject to, or defined in, the Family Educational Rights and Privacy Act, 20 U.S.C. §1232g.

De-Identified Health Information. There are no restrictions on the use or disclosure of de-identified health information. De-identified health information neither identifies nor provides a reasonable basis to identify an individual. There are two ways to de-identify information; either: (1) a formal determination by a qualified statistician; or (2) the removal of specified identifiers of the individual and of the individual's relatives, household members, and employers is required, and is adequate only if the covered entity has no actual knowledge that the remaining information could be used to identify the individual.

http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
 
Natey said:
Interesting... While working on the software systems, we were told anything that could individually/personally identify a patient (even if medical history is absent), like enrollment info, was covered under HIPAA.
Click to expand...



That could well have been your employer's policy.

A case of the CYAs, perhaps?
 
Status
Not open for further replies.

Share this page

Get a free case review from a lawyer
Back
Top