HIPAA Violations Are Punished In Court


March 12, 2007

The general rule with Health Insurance Portability and Accountability Act of 1996 (HIPAA) is that it does not provide victims their "day in court." Violations are handled by the Department of Health and Human Services, however, exceptions to this rule exist, as two recent cases show.

In January, a Fort Lauderdale federal jury convicted Fernando Ferrer Jr., for a Medicare scheme. One count in the indictment was wrongful disclosure of individually identifiable health information, for which he faces ten years in prison. Ferrer worked with an employee of the Cleveland Clinic in obtaining Medicare patient information. This employee, Isis Machado, pled guilty and testified at trial. Using the information, Ferrer submitted more than $7 million in fraudulent claims.

The Justice Department reported that this HIPAA violation case could to go to trial. A copy of the press release is available at: www.usdoj.gov/usao/fls/PressReleases/070124-02.html.

In a North Carolina state court, a patient sued her doctor and his office manager for negligent infliction of emotional distress. The basis for the complaint was violation of HIPAA. Heather Acosta was a psychiatric patient of Dr. David Faber. Over an eight-month period, Dr. Faber allowed his office manager, Robin Byrum, to access Acosta’s protected health information (PHI) without Acosta’s authorization. Byrum then disclosed the PHI to others.

The Court of Appeals reversed a summary judgment against Acosta. The court held that HIPAA was a standard of care to which Dr. Faber and his office needed to adhere. A standard of care, when breached, can create liability for negligence. Thus, Acosta would get her "day in court," unless the case is settled out of court.

These cases reveal some of the consequences of HIPAA Security and Privacy non-compliance. Employers should understand that the PHI in their plans is valuable in today’s marketplace. Thus, protecting PHI should continue to be a top concern in benefit administration.

Infinisource provides an excellent product to assist employers with documenting HIPAA compliance for their plans. It is called HIPAA Solved. For more information, contact us at 800-779-6384 or solutions@infinisource.net. In addition, we will provide a HIPAA Update Webinar – "How Secure Are You?" – on Wednesday, April 11. For more information, contact our Seminars Department at 800-300-3838 or seminars@infinisource.net.

Manage your account

Employer/Client

» COBRA Login
» FSA/HRA Login
» Wellness Login

Employee/Participant

» Continuation Coverage
» FSA/HRA Login
» HSA Login
» Wellness Login

Agents

» Agent Resource
Center Login
Our Company
Our Company
Company Information
Mission Statement
Letter from CEO
Community Involvement
Executive Team
Executive Team
Careers
Careers
Infinisource News / Events
Infinisource News / Events
Benefit News
Benefit News
News & Review Sign-up
RSS Sign-up
Articles by topic
Benefit Resources
Benefit Resources
Benefit Laws, Regulations
Benefit White Papers
COBRA Case Law
COBRA Checklist
COBRA Quiz
Comparison
FSA Employee Calculator
FSA Employer Calculator
Glossary of Terms
Published Articles
Contact Us
Contact Us
Client Survey
Client Survey

Quick Links

» Product/Services

» News & Review

» Client Survey