Monday, February 17, 2014

Employer Liability for Texting Health Info

John Doe was treated for a sexually transmitted disease (STD). A clinic nurse, who knew Doe’s girlfriend, texted her about the STD. When Doe learned of the texts he complained to the clinic and filed a federal diversity action.
The court stated a medical corporation “may also be liable in tort for failing to establish adequate policies and procedures to safeguard the confidentiality of patient information.."
- Workplace Privacy Data Management & Security Report
In Doe v. Guthrie, the Second Circuit Court of Appeals dismissed a patient’s claim against a medical corporation for alleged breach of fiduciary duty based on a non-physician employee’s unauthorized disclosure of confidential medical information. It did so because the NY State Court of Appeals answered the following certified question in the negative: “Whether, under New York law, the common law right of action for breach of the fiduciary duty of confidentiality for the unauthorized disclosure of medical information may run directly against medical corporations, even when the employee responsible for the breach is not a physician and acts outside the scope of her employment.”

Despite the ruling in this case, the court stated a healthcare organization “may also be liable in tort for failing to establish adequate policies and procedures to safeguard the confidentiality of patient information or to train their employees to properly discharge their duties under those policies and procedures,” thus healthcare organizations must be cautious.

Inadequate policies and procedures to protect patient information could expose organizations to damages in these kinds of suits, as well as penalties under HIPAA. One procedure organizations can utilize is proactive detection of patient data privacy breaches with low-cost on-demand SaaS analytics services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Employee’s Unauthorized Texting of Confidential Health Information May Impose Employer Liability - SOURCE_NAME_AND_DATE

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.