In 2014, 60 minutes did a segment highlighting data brokers and how they are collecting and selling personal information. This is an ever increasing problem with staff that has access to valuable private medical, credit and personal information and violates both local and federal laws protecting people’s privacy. A hospital has a great deal of information on their patients and that data is an extremely valuable commodity. There are 3 different types of regulations in place to prevent and prosecute the sharing of those resources.
Upon entering a hospital or doctor’s office, among a great deal of paperwork and valuable information is the notification of HIPAA (Health Insurance Portability and Accountability Act) guidelines and regulations. The purpose of the privacy rule in association with the HIPAA was to assure that certain related health information of individuals seeking medical care was held private while still allowing for other medical care providers access to valuable medical history and data.
The Genetic Information Nondiscrimination Act applies specifically to genetic information. This information is available to health care providers but is still protected by law and should not be shared without permission from the patient.
In order to protect credit information of consumers, the Fair and Accurate Credit Transactions Act was created. Hospitals generally have a significant amount of valuable data regarding their consumer’s data.
Because a hospital has access to all of this information, it is vitally important that any suspected or known breach of confidentiality be reported to the United States Department of Health and Human Services within 60 days of knowledge of the breach.
If you have discovered that data entry personnel has sold the personal information of those in the hospital, contact an experienced attorney to know the next steps and legal requirements. Contact Chilivis Grubman Dalbey & Warner LLP today online or by telephone at (404)233-4171 in Atlanta to arrange a consultation.