As a licensed physician or other healthcare professional, you are entrusted with access to some very personal information from your patients. Proper handling of that information means more than just safeguarding it from unauthorized users or hackers; it also means that you also access it only on a need-to-know basis. The licensing boards of New Jersey, Pennsylvania, and New York, for example, are quick to mete out discipline to healthcare professionals who mishandle patient information. And as some physicians have discovered, accessing patient records for any reason other than a legitimate medical/business purpose can have serious professional and even legal consequences.
Take, for example, the physician in Henderson, KY, whose license was recently suspended for accessing the medical records of patients whom he was interested in pursuing romantically. Not only did the state medical board consider this a huge breach of trust, but the doctor was also fired from his position at Deaconess as a result.
Permissible Use of Patient Records
The Health Insurance Portability and Accountability Act (HIPAA) sets out very clear rules about the permissible use of health data, including patient records. Generally speaking, a licensed healthcare professional may only access patient records if there is an identifiable business purpose behind the access--and if the person is not already a patient under their care, they must obtain written permission from the patient to access it. Regarding the doctor mentioned above, he likely had access to the patient records because Deaconess as an organization had obtained the permissions--but this did not stop the doctor from facing disciplinary action for probing patient information without a legitimate medical purpose.
The Consequences of Unauthorized Accessing of Medical Records
What happens when a doctor or other health professional is accused of improperly accessing a patient's personal information? Since violating patient privacy is considered a serious offense, the repercussions can be quick and far-reaching. If you are accused of doing so, some of the consequences may include:
- Loss of license. State licensing boards have little tolerance for violations of patient privacy. While incidental or accidental violations might result in fines or probation, more blatant misuse of patient information (such as accessing for personal reasons) will likely result in immediate license suspension while the incident is investigated--and quite possibly a permanent loss of your license.
- Loss of employment. Healthcare facilities also take patient privacy violations seriously, as they can be exposed to costly lawsuits and other legal problems. As a result, they are likely to fire any employee who is accused of inappropriately accessing patient information.
- Potential for civil and criminal actions. A patient whose personal information has been violated has the right to sue you for any damages incurred as a result of the breach. Additionally, since HIPAA violations are a breach of federal law, you could even be exposed to criminal charges depending on the circumstances.
Regardless of the potential for cascading consequences like the ones listed above, perhaps the most immediate and likely concern if you're accused of mishandling patient records is the risk of losing your professional license. If you're a licensed health professional in New Jersey, Pennsylvania, or New York who is facing a complaint of violating patient privacy, you need an experienced professional license defense attorney to ensure your rights are protected and to negotiate for a more favorable outcome. To discuss your case and your options, contact the Lento Law Firm today.