HIPPA Violation: Non-Medical Staff Accessed and Shared Medical Records. Who Do I Sue?
Provided by HG.org
When a violation of the Health Insurance Portability and Accountability Act occurs, severe penalties may be issued against the perpetrator when he or she is discovered due to the confidentiality of the records. However, if proper measures are not in place to ensure the data has been secured, the medical facility could be at fault in the incident as well, and a claim may be possible.
Protecting healthcare information is paramount, and when the patientís files have been disclosed to other sources, the hospital, medical facility or a third-party may be liable for damages. The preventative measures taken to secure the data should prevent normal intrusion by someone without access. However, if the hospital did not implement sufficient security protocols, it is possible that an outside source that is not part of medical staff could have copied or stolen records. While the appropriate party that has taken the information should be held accountable, he or she may not have been discovered if an investigation into the matter transpires. Then, the victim may need to hold the facility responsible and attempt to litigate the issue.
When the actual person has been discovered that did violate the HIPAA, he or she could face severe fines, prison terms and criminal prosecution. The punishments usually require two different cases for the individual to recover financially or to obtain compensation. However, a criminal proceeding may initiate from the violation to ensure justice is served. In regards to the medical facility, the victim may need to start a claim to recover from the incident. It is important to contact a lawyer to determine if there is a case and what is necessary to pursue action.
Liability and Responsibility
When a HIPPA violation occurs, it is important to determine who is responsible for the incursion and how it happened. Then, if the victim wants to pursue civil action, he or she usually hires a lawyer. At that point, it is crucial to determine what party and which individuals are liable for damages. When the victim has been violated through the offense, he or she may need to recover due to identity theft or a cyber-attack. The compensation sought generally is used to become whole after the incident. If the judge feels the hospital should be punished for the violation, punitive damages may be awarded.
Penalties for HIPPA Violations
The penalties for these violations are often severe. There is an investigation initiated by the Office of Civil Rights which is a division of the United States Department of Labor, and findings are used for both criminal and civil cases. The penalties issued for the offenses are due to a failure to comply for any specific requirements and standards for keeping medical information private and away from non-medical staff. The facility could face fines of at least $100 for each violation incurred. The maximum is no more than $25,000 in each year. The perpetrator may face ten years in prison when convicted.
If the United States Department of Labor is involved in the violation, fines may begin at $50,000 for the medical facility along with up to a year in jail or prison. These could extend to $250,000 and ten years behind bars. Usually this is for individuals, but if the criminal charges are issued against a hospital or certain staff members, the penalties are severe. For recovery with compensation, the victim would need to initiate a civil lawsuit with a lawyer. Then, additional damages are issued and compensation is awarded to the person violated when the claim is successful. It is crucial to discover the culprit, but the facility could be held accountable in certain situations.
HIPPA Violations and Legal Help
For health plan groups, care clearing houses, healthcare providers and business associates, HIPPA guidelines are present. This involves the various organizations that provide insurance and healthcare policies to individuals and groups as well as included members of other entities. Violations occur through accessing medical records, insurance forms, files and details of a personís medical past and similar items. These pieces of data are kept confidential due to privacy laws and the contents within. Offenses are severe to prevent future incursions and widespread disclosure of medical details.
To determine who should be sued, a lawyer is needed. When the individual has accessed the files illegally, he or she is the person to litigate against. However, the healthcare facility could be responsible for the incident and may be held accountable.
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer.