As Arizona residents may know, keeping medical information confidential may be a source of concern and breaches of medical confidentiality have been noted. While sharing patients’ information without their consent is illegal under the Health Insurance Portability and Accountability Act, some courts have ruled that a health care provider may not be held responsible for an employee who violates this confidentiality.
Thousands of alleged breaches of confidentiality have been reported to the Office of Civil Rights. Because the OCR does not publish small incidents of breaches, only of the large ones, it has come under criticism.
One case involved a former employee of British Petroleum who was prescribed medication by a physician at a pain institute in California. When the man’s brother lodged a complaint against the doctor with the state medical board, saying the doctor was overprescribing for his brother, the physician in question hired a private detective to investigate the patient. The physician reportedly would not pay for the medical records that were found, so the investigator offered to sell them to the patient. After the patient reported this action to the OCR, he did not receive notification that the complaint was resolved until two years later. Currently, the medical board in California has suspended the physician’s license to practice and reportedly is seeking a revocation of the license.
While it is not clear whether this type of illegal action also constitutes medical professional negligence, patients who have been the subject of it often suffer adverse financial ramifications, such as damage to their reputations and job losses. However, it could be the sign of larger problems more directly related to the provision of health care at a hospital or doctor’s office, and victims may want to speak with an attorney in order to determine whether any recourse may be available.