Are You Violating HIPAA?

You might be. Many practices worry that they are violating HIPAA, especially in regards to inappropriate employee access or timely provision of patient records. 

We can help your practice get up to date and prepared to minimize breach risks from third-party vendors. Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

A recent example of a HIPAA breach occurred when a dentist responded to a negative online review and shared the patient’s name and some treatment information. 

This is an easy slip for someone working in the office, but a clear breach of HIPAA. 

In that case, the dentist was fined $50,000.00 for the HIPAA breach of one patient’s protected health information (PHI). 

A new interesting question arose when a woman accused a CVS employee of wrongfully accessing her PHI. 

In this instance, she repeatedly tweeted at CVS regarding concerns surrounding medication she was taking. A CVS employee from the customer care group called her directly to discuss her concerns. They spoke for nearly an hour regarding her medical information and health plan. 

However, the woman was very upset that the employee was able to view her medical information and get her phone number. She is now claiming her PHI was breached by this action. 

As there is no private right of action under HIPAA, it is up to the government if they want to pursue claims against healthcare providers for HIPAA breaches. 

It is unknown whether or not they will choose to pursue this, however, it might be a stretch to allege this violates HIPAA. It is somewhat akin to a patient calling a doctor’s office to complain and speaking with the office manager. 

However, it is good to always remember to protect your practice from breaching HIPAA. These situations can serve as useful examples when training your staff. 

Make sure your staff knows when they are able to view and access PHI and for what purpose. They should also know about potential hefty fines and consequences. 

We help our clients train their employees effectively to minimize potential risks of internal breaches and wrongful access. Improper access can be costly and can sometimes force an office to shut its doors forever when costs are too high. 

We know you’re busy. Subscribe to our blog to get updates and news sent directly to your inbox!

We publish vital information on health law topics and news every Wednesday and Friday. To get this important information delivered directly to your mail box, subscribe today!

Do you need help with updating your Business Associate Agreement or negotiating contracts with third-party vendors?  We can help. To contact us about your Business Associate Agreement, your vendor contracts or your other legal needs, call us today.

Related Posts


Recent Posts

What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023
Should I Add My Child to My Bank Account?
November 30, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.