Thursday, July 7, 2011

UCLA Health System Agrees to Pay $865,500 for Snooping of Celebrity Medical Records

The UCLA Health System (UCLAHS) agreed to pay federal regulators $865,500 for violations of HIPAA, according to a press release from the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR).

The settlement covers the breach of patient privacy involving two celebrity patients who had filed separate complaints with the OCR.
"Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections." - OCR Director Georgina Verdugo
While regulators and hospital management decline to disclose the identity of the celebrities, the fine covers 2005 to 2009. During those years hospital employees were fired for snooping on protected health information of celebrities such as Farrah Fawcett and Britney Spears.
"Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity." - OCR Director Georgina Verdugo
OCR’s investigation into the complaints revealed that from 2005-2008, unauthorized employees repeatedly looked at the electronic protected health information of numerous other UCLAHS patients.
Learn about a proactive privacy breach detection service. Read a whitepaper about an automated solution that proactively discovers breaches of patient privacy - with no hardware and no on-site software.
The HHS Resolution Agreement and CAP can be found on the OCR website at

(a) University of California settles HIPAA Privacy and Security case involving UCLA Health System facilities - U.S. Department of Health and Human Services Press Release, July 7, 2011

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at