Wednesday, February 25, 2015

Hospital Employee Gulity of HIPAA Criminal Charges

For over one year, from from December 2012 through January 2013, a hospital employee in East Texas stole patients' identities with the intent to use them for person gain. He has been sentenced to eighteen months in federal prison for criminal HIPAA violations.

While to date prosecutors around the country have lodged few cases asserting criminal violations of HIPAA, attorneys say the health care industry's shift to electronic medical records (EHR) will present more opportunities for unauthorized access to protected health data (PHI) that will prompt more criminal actions in the years ahead.

"The conviction of a corporate entity [for HIPAA criminal charges] is certainly allowable and supported by the criminal penalties in the statute."
- James M. Jacobson, partner, Nutter McClellen & Fish
Although criminal prosecutions are expected to continue to focus on individual bad actors, attorney James M. Jacobson said it was not unreasonable to expect some corporate convictions in the next few years that center on “corporate policy or procedures being so lax or nonexistent that ultimately they enabled the rogue employee to act.” Organizations seeking to proactively detect data privacy breaches by employees and contractors can utilize low-cost on-demand SaaS analytics servcies.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Former Hospital Employee Sentenced for HIPAA Violations - www.Justice.gov, 02/17/2015
(b) HIPAA Criminal Charges To Gain Steam As Data Goes Digital - www.Law360.com, 08/14/2014

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.