When Health-Care Providers Suffer Data Security Breaches
The rapidly increasing use of electronic medical records is a double-edged sword for health-care providers.
March 04, 2015 at 09:45 AM
8 minute read
A key provision of the American Recovery and Reinvestment Act of 2009 has the potential to dramatically increase health-care providers' legal liability. The Recovery Act requires health-care providers to demonstrate the “meaningful use” of electronic medical records in order to maintain their Medicaid and Medicare reimbursement levels. As a result, the rapidly increasing use of electronic medical records is a double-edged sword for health-care providers.
On one hand, electronic medical records offer more efficient and economical records access, resulting in cost savings for health-care providers and better patient care. On the other hand, they are susceptible to hacking and inadvertent disclosures. Hackers have targeted health-care providers and, as recently as August 2014, more than 4.5 million patients' Social Security numbers, contact information and birth dates were stolen from a multistate hospital system. As the number of hacking attempts continues to increase, some courts have displayed a willingness to allow plaintiffs to bring claims for negligence and privacy violations against health-care providers under state law. In the process, those courts have rejected the providers' arguments that federal law preempts those claims.
The Connecticut Supreme Court recently held that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) does not preempt state law claims for negligence against a health-care provider that improperly breaches the confidentiality of a patient's records in responding to a subpoena. Byrne v. Avery Ctr. For Obstetrics & Gynecology, 314 Conn. 433 (2014). Emily Byrne, a patient at the Avery Center, instructed her doctor not to provide her protected health information (PHI) to her estranged significant other, Andro Mendoza. Mendoza subsequently filed a paternity suit against Byrne and served a subpoena on the Avery Center requesting Byrne's medical records. The Avery Center turned the records over to the court without notifying Byrne, filing a motion to quash the subpoena or appearing in court.
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Trending Stories
- 1The Law Firm Disrupted: For Big Law Names, Shorter is Sweeter
- 2Wine, Dine and Grind (Through the Weekend): Summer Associates Thirst For Experience in 'Real Matters'
- 3'That's Disappointing': Only 11% of MDL Appointments Went to Attorneys of Color in 2023
- 4What We Know About the Kentucky Judge Killed in His Chambers
- 5'I'm Staying Everything': Texas Bankruptcy Judge Halts Talc Trials Against J&J
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250