We have all heard about the cases of snooping. Celebrities like Drew Barrymore, Arnold Schwarzenegger, Tom Hanks, Leonardo DiCaprio, and Farrah Fawcett have all been victims of snooping. Snooping is accessing – disclosing patient health information for reasons other than patient treatment, payment or operation, without authorization. It is a violation of the HIPAA privacy and security rule.
You may say: “Oh, I don’t have to worry. Tom Hanks or Leonardo DiCaprio is not going to come into my office.” Well, a recent case may have you re-thinking.
What happened? A Walgreens pharmacist, Ms. Peterson, accessed a patient’s records and shared a patient’s information with her husband. The patient happened to be her husband’s ex-girlfriend. What happened? Ms. Peterson was sentenced to 25 months in prison and Walgreens was fined to the tune of $1.4 million.
So maybe it’s a girlfriend, school teacher, neighbor, old friend. Patients come into the office and they may not be celebrities, but risk of the snooping, looking at, or sharing information that is protected is a concern for every health care provider. Medical records contain sensitive information: medical history, treatment information, contact information, and a lot of other stuff.
So what can you do? What should you do? Here are 3 suggestions:
1. Have a policy in place against unauthorized access, use, and disclosure of protected health information.
2. Provide education to staff members regarding data privacy and security.
3. Implement a disciplinary policy in the event of snooping and other privacy and security violations.