The lawsuit spun out of a tangled relationship between the pharmacist, her husband and the man’s ex-girlfriend, the plantiff.
"As a provider of pharmaceutical service, the defendant owes a non-delegable duty to its customers to protect their privacy and confidentiality of its customers’ pharmaceutical information and prescription histories." - Lawsuit documentsIt is noteworthy the jury ruled against the drugstore as well as the pharmacist. They determined the drugstore was negligent in training and supervising the pharmacist, who breached statutory and common law duties of confidentiality and privacy to the customer.
Should an employer be held responsible for the actions of its employees/contractors? Is a training program sufficient to demonstrate a company is protecting patient health information? Could companies make a stronger case if their oversight included proactive privacy breach detection? What's your opinion?
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Walgreens must pay woman $1.44 million over HIPAA violation - IndyStar, 07/29/2013