Confidentiality is paramount in the medical scenario. But are healthcare providers careful enough? Disturbing news about patient data leak and breach of confidentiality are likely to seriously affect patients’ attitude towards care givers.
A recent court settlement in a Suffolk Superior court has brought to light the unpardonable practices some agencies indulge in just to save a few dollars. The accused in the case are a couple in Marblehead and four pathology groups for which they were handling the medical billing. Their offense: throwing sensitive patient medical records into a trash dump in an effort to dispose of them cheaply. Their labor to save money has landed them in serious trouble, and along with the pathology groups they have to pay a huge fine of $140, 000 for jeopardizing sensitive patient data. The medical records dumped carelessly were of 67, 000 Bay State patients. Court documents prove that the records were disposed of when the couple retired from the medical billing business in 2010.
The accused were criticized for violating state laws that are intended to protect patient information. Their callous action has endangered thousands of patients whose names, social security numbers, medical details, date of birth, phone numbers, health insurance information and other personally identifiable information are there on the disposed medical records. The couple failed to implement the required security measures to safeguard patient data, and worse still, allowed a third party (their son) to just throw the documents into a trash dump. The court found this to be a grave violation of patient privacy as well as violations of state consumer protection and data security laws. As for the pathology groups, they were charged with violating the federal 1996 HIPAA regulations because they failed to protect the “protected health information” of hospital patients they revealed to the couple. Moreover, they were also guilty of violating state data security regulations by not ensuring that the couple could protect the sensitive information.
The court emphasized the need to dispose of sensitive information properly to avoid data breach.
While this development is an eye opener to healthcare professionals as well as medical billing and medical record review service providers, it is a pointer towards a dangerous state of affairs. It highlights the importance of entrusting sensitive medical data only to the right hands. Wrongdoers may be punished, but the larger question remains regarding the patients who have been made vulnerable following the copious data bleeding.