General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsWoman sues hospital for posting her STD test results on facebook leading to harassment
Back in September, the woman, who remains anonymous and lives in the town of Winton Hills, was being treated for Syphilis at the University of Cincinnati Medical Center. Shortly after, hospital employees snapped a photo of her records, including her name and diagnosis, and posted it to the Facebook page Team No Hoes, prompting commenters to call the woman a hoe and a slut.
Local news affiliate WLWT reports that, on Tuesday, the woman filed a lawsuit in Hamilton County against the medical center; a female employee named Ryan Rawls; an unnamed female employee believed to be a nurse; and the nurses ex-boyfriend, Raphael Bradley (who doesnt work at the hospital). According to the womans attorney Mike Allen the release of the medical records violates state and federal laws.
Any time you go to the hospital, you should expect to have your information protected, Allen tells Yahoo Shine. We are suing for four reasons unauthorized disclosure of non-public records which is a civil offense, invasion of privacy, emotional distress, and negligent supervision of hiring, meaning the hospital is responsible for the behavior of its staff.
https://shine.yahoo.com/healthy-living/uc-medical-center-std-syphilis-ryan-rawls-mike-allen-diana-lara-204829199.html
Bandit
(21,475 posts)It will be very hard to get back any reputation she may have had.
Getting VD is nothing to be shamed of. You could get something the first time you have sex, if you are so unlucky. And she's cured now, so why should anyone shy away from dating her?
Her reputation is that of a person egregiously betrayed, and a person that fought back. She has my respect.
Initech
(99,915 posts)magical thyme
(14,881 posts)Un-fucking-believable.
That is exactly what the HIPAA laws are intended to protect against.
joeybee12
(56,177 posts)get a lot more.
Jackpine Radical
(45,274 posts)Super-major HIPAA violation; I'm just a shrink & not a lawyer, but I think it might even be criminal for the individuals who did it since it was obviously intentional and malicious.
MattBaggins
(7,894 posts)They may see prison time.
magical thyme
(14,881 posts)not on the part of the hospital, but the employee who accessed the file and distributed it. Up to 10 years in prison and $250K in fines.
(b) Penalties
A person described in subsection (a) of this section shall
(1)be fined not more than $50,000, imprisoned not more than 1 year, or both;
(2)if the offense is committed under false pretenses, be fined not more than $100,000, imprisoned not more than 5 years, or both; and
(3)if the offense is committed with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, be fined not more than $250,000, imprisoned not more than 10 years, or both.
aggiesal
(8,864 posts)FarPoint
(12,209 posts)Well deserved too!
surrealAmerican
(11,340 posts)It was a horrible thing to do, not only because of the damage to this patient, but because such actions are likely to discourage others from seeking treatment for potentially embarrassing contagious diseases.
Laffy Kat
(16,356 posts)She'd have a good civil case IMO.
arthritisR_US
(7,269 posts)judging...they make me sick!
Trajan
(19,089 posts)That bell cannot be unrung ...
Btw ... people are allowed to judge - is what we do, everyday, all day ... we judge ...
I am not a court of law ... I'm a human being with an opinion ... like it or not
SwankyXomb
(2,030 posts)Because it sure sounds like it.
Trajan
(19,089 posts)I can see where my post could be confusing ...
The release of her information is a done deal, due to the CRIMINAL choice that was made by the hospital personnel ... what THEY did was atrocious ...
I am judging the hospital personnel for their cruel act, NOT the woman ...
I read that post above as a defense of the hospital personnel, as if we cannot judge them .... that is what I disagree with .... along with the release of her private information .... that was heinous
MattBaggins
(7,894 posts)So a woman with an STD is automatically a slut?
A nurse should never have done this and should remain non judgmental. This was way out of line as was your response. It would seem the medical profession would not be a good fit for you. It requires something called professionalism.
Your post is beyond facepalm.
Trajan
(19,089 posts)I wish I would have gotten back here sooner
I was responding to the person who complained of the hospital personnel being judged ... NOT the woman or her test results ... that is private and should have NEVER been released in the public domain ...
I hope that clears up any misunderstanding ...
Grammy23
(5,808 posts)public opinion or the opinions all of us form every day. However, we can and do legislate taking action based on having an opinion about a situation. What these low lives did to this woman was wrong and illegal. I cannot fathom how they thought they could get away with it and you can be SURE that as hospital employees they full well knew that they were violating the law. Anyone who works in a place that has access to personal health information is reminded of that regularly and is required to sign off on documents stating that they understand the sensitive nature of the information AND that there are penalties for releasing it without authorization.
I can't believe she is only suing for a measly $25,000. They are lucky she is not suing for millions.....
arthritisR_US
(7,269 posts)Trajan
(19,089 posts)And find another with a better sense of proportion ...
You are apparently the only response that understood what I was trying to say ... congratulations for parsing my unclear post
arthritisR_US
(7,269 posts)it and make public private health information. Sanctimonious a-holes.
Trajan
(19,089 posts)I was defending the woman and castigating the hospital personnel ...
Not completely clear in my previous post ...
arthritisR_US
(7,269 posts)Response to Trajan (Reply #10)
LanternWaste This message was self-deleted by its author.
CAO
(20 posts)Hospital should pay and count its blessings...
monmouth3
(3,871 posts)to her personal life....
PeaceNikki
(27,985 posts)Some people are fucking horrid.
laundry_queen
(8,646 posts)She should never have to work again, IMO. Imagine a potential employer searching her up?
uppityperson
(115,674 posts)HooptieWagon
(17,064 posts)I believe the judge could increase the damages. And certainly the woman can amend her suit to higher damages.
Does employment status, education, income, etc affect how much she would expect to collect? It seems low.
joeybee12
(56,177 posts)can can't state exactly how much...here in Vegas, you have to state in excess of $10,000 in the complaint, and you could truly be asking for millions.
The Velveteen Ocelot
(115,280 posts)In some jurisdictions you ask for a certain amount "in excess of $XXXXX" because you have to plead a minimum jurisdictional amount but you don't want to limit the damages a jury might award. I'm fairly sure that's what this is.
Louisiana1976
(3,962 posts)call for patient info's being kept confidential. I think she should have sued for much more than $25,000.
Trajan
(19,089 posts)Specific persons did it on their own accord ...
Complete assholes ... $25,000 is too small a price ...
pnwmom
(108,925 posts)and they had access to the info as part of their employment.
This is why the hospital needs liability insurance.
Nye Bevan
(25,406 posts)in terms of training, restricting access to data to a need-to-know basis, and so on, but a rogue employee went ahead and divulged the personal information anyway?
I think if the hospital can show that it did all that it reasonably could to prevent such a thing from happening, it should only be possible to sue the individual concerned.
pnwmom
(108,925 posts)the hospital itself did nothing wrong, do you still think they couldn't sue the hospital?
Nye Bevan
(25,406 posts)when he or she was hired, or ignoring previous complaints about the same doctor. My point is that if the hospital did nothing wrong, they should not be penalized or be liable for damages.
If I run a business and hire someone who by all accounts is a wonderful person, and that employee at some point snaps and murders someone while working for me, I should not bear any civil or criminal liability, unless I had been negligent in some way such as ignoring warning signs in this employee's behavior.
sendero
(28,552 posts).... a "hospital" is its employees. If an employee of a hospital divulged the information the HOSPITAL is liable under HIPAA...
And I'm pretty sure the penalties can range way beyond $25K. Our organization is positively anal about preventing this by not letting anyone have access to any data that they don't have a compelling reason to access.
Personally if I were the woman, I'd sue the hospital and separately sue every individual involved.
Trajan
(19,089 posts)I was only objecting to the use of a broad term, 'hospital', when it was clearly the work of individuals without the sanction of hospital administrators ...
This does not mean the hospital is off the hook ... they are liable for the acts of their employees ...
This should be a $2,000,000.00 lawsuit, at minimum ...
sendero
(28,552 posts).. I am not asserting that anyone with authority approved of or contributed to the action. But the way HIPAA is crafted, that doesn't matter.
the idea being that if you don't create an environment that makes confidentiality a top priority, then confidentiality will just never happen.
If you don't make the hospital (or insurance co, or any number of other business that have access to medical records) liable, there won't be such an environment or culture.
Personally, I think a lot more of our laws should be written this way, as it is HIPAA is one of the few that companies cannot wriggle out of.
In any event, the hospital is likely to fire everyone involved and they won't be getting comparable jobs from any company familiar with their infraction.
They just fucked themselves good.
magical thyme
(14,881 posts)and the hospital will now face major fines for the violation. Those employees will be fired and no other health care companies will touch them with a 10' pole. Their careers are toast.
smirkymonkey
(63,221 posts)I cannot believe this can happen. How did these jerks think that this would not come back to haunt them?
magical thyme
(14,881 posts)but people are only worth suing if they have deep pockets. Or if the suer has really deep pockets and just wants to ruin them.
smirkymonkey
(63,221 posts)Like they did to her. Even if she didn't get much money, she could destroy them professionally. It's worth a try. I guess I am a bit vindictive. I would do anything to get back at them. I guess it might be an Italian thing.
magical thyme
(14,881 posts)No hospital is going to hire them due to the obvious risk involved. We live in fear of accidental HIPAA violations. To do it deliberately is insane.
Jamastiene
(38,187 posts)I'm mixed race (Caucasian, NA, and AA) and would do the same thing you mentioned doing, if I possibly could.
bluesbassman
(19,310 posts)Absolutely disgusting behavior. I hope all of the employees involved are terminated for this.
frylock
(34,825 posts)magical thyme
(14,881 posts)Deliberate? Their toast. They'll be fired and won't work in the industry again.
bigwillq
(72,790 posts)Not only posting personal info, but the name calling? WTF.
I would have sued for a lot more than 25K.
arcane1
(38,613 posts)It's a closed group, so the staff must be members in order to post pictures. This increases the likelihood that this woman isn't the only victim
On edit: I've reported it as hate speech.
standingtall
(2,785 posts)She should have sued for alot more.
frylock
(34,825 posts)she needs a new lawyer.
JI7
(89,182 posts)because anyone who is going to work in any way related to the medical field, even if it's more of a clerk type job and has access to this info is taught not to do this.
did they have something against her ? did they know her before ? these people are fucked up.
and i agree that it should be a lot more. and the people should never ever be allowed to work anywhere where they can get access to this type of info on people.
barbtries
(28,702 posts)she deserves more than that. and i'm wondering if the perpetrators could not be criminally charged. how could they do that.
The Velveteen Ocelot
(115,280 posts)47of74
(18,470 posts)And how unpleasant the resulting legal shitstorm will be.
vankuria
(901 posts)responsible could face criminal charges for violating HIPAA regulations?
Cannot imagine what the heck they were thinking and if there may be other victims of this prank. Not only will they never work in the health care industry but wonder if any employer would want them involved in their business?
blackspade
(10,056 posts)These people are scum.
itsrobert
(14,157 posts)pay her $50,000. She should ask for a lot more if you ask me. Millions.
tofuandbeer
(1,314 posts)Stonepounder
(4,033 posts)They are criminally liable for violating HIPPA which is a Federal statute and carries criminal penalties. They are also civlally liable, individually and together. The big question is the hospital's liability. It is not a given that the hospital shares liability. That depends on the facts. What kind of audits does the hospital have in place to catch HIPPA violations? Are all employees aware of HIPPA and the consequences of violating it? Etc.
I worked in the medical software industry for about 15 years until I retired and was around when HIPPA came in. It was a massive headache from a programming point of view, since it basically says you have to be able to audit everything. Who touched a record, when, why, what did they do, etc. We had levels of security authorization from the head nurse who could look at the records of anyone on her wing, to individual nurses who could only look at their own patients, to who could look, who could enter, who could change, what times of day were they authorized for. Every time a record was touched for any reason, an audit record was generated. And even with all that we disclaimers on our software that we did not claim that it was fully HIPPA compliant. (And this was software that started at about $1,000,000 per hospital and went up from there.) I do know, however, that it was banged into our heads from the very beginning that we were all considered under HIPPA regulations and that if we were caught breaking any of the privacy rules we were out the door in a heatbeat and don't ask for references.
In this instance, if there was a nurse involved who, as part of her regular duties, was expected to access the patient's chart, and who then decided to knowingly violate both hospital policy and HIPPA, the hospital may be able to avoid a large part of the liability. My experience with hospitals is that they take HIPPA very seriously.
It will be interesting to see how this all plays out. If a nurse was actually involved, she will lose her license and will probably never get another job in health care again. It will also be interesting to see if the case stays civil or if state and/or federal prosecutors decide to get involved. personally, I would like to see the feds go after these lowlifes and make an example out of them. I'm not sure what the penalties for violating HIPPA are, but I would love to see the book thrown at these creeps.
tosh
(4,422 posts)including - and especially - Medicaid. All employees in contact with patient info must be HIPPA certified annually and certification records must be kept, subject to audit.
The hospital's contracts are at stake at the very minimum.
Edited to add that certification records must include outside contractors as well as employees.
AverageJoe90
(10,745 posts)Jamastiene
(38,187 posts)Where I live, the local paper published the names of people who tested positive for HIV back in the 90s. I was astounded that they would do such a thing. Someone's health is no one's business but their own, unless they decide to share the information themselves. Everyone else should butt the fuck out. If we can't even trust doctors, nurses, and hospitals, how are people supposed to get medical care?
FSogol
(45,360 posts)Sgent
(5,857 posts)There is no private right of action for HIPAA violations. The feds can fine you, and may very well be able to imprison the nurse, but you cannot sue due to a HIPAA violation.
The release of information is still unethical and the actions probably violate state medical licensure laws, but the hospital may or may not be liable depending on the negligence standard required. If it was a nurse who posted it, presumably he or she would be liable.
The problem is that in most states you have to prove financial harm, and the patient is going to have a tough time doing this.
I wish her luck, and she may be able to get the nurse professionally sanctioned possibly with jail time, the hospital fined, and yet only get $1 for her efforts.