3 Celebrity ePHI Breaches That Serve as Cautionary Tales
Kidney stones, sinus infections and other medical maladies — they happen to the best (and most prominent) of us, don’t they? Whether you sweep the streets or serenade sold-out crowds at world-class venues like Red Rocks, we all, at one time or another, end up patients at the doctor’s office. Unfortunately, tens of thousands of us wind up victims of HIPAA and HITECH violations each year — and pop-culture heavyweights are no exception. We review three electronic protected health information (ePHI) breaches involving celebrities and offer a few takeaways for small business owners looking to avoid such catastrophes — all courtesy of your friendly information technology experts at Frontier IT in Colorado Springs.
Michael Jackson: The King of Pop’s medical records were inappropriately accessed by employees of Ronald Reagan UCLA Medical Center after his death, and two hospital employees and two contract workers were fired as a result, sources told The LA Times. The medical center was later fined $95,000.
Kim Kardashian: Six medical professionals were fired during the summer of 2013 after 14 Cedars-Sinai patients’ records were improperly accessed, according to The LA Times. The records of Kardashian, star of shows like “Keeping Up with the Kardashians” and “Kourtney and Kim Take New York,” were among those accessed, according to TMZ. Kardashian had just given birth to daughter North, fathered by rapper Kanye West. The Kardashians had suspected leaks due to media reports of the birth that included details the family hadn’t shared, TMZ reported.
“Octomom” Nadya Suleman: After giving birth to the world’s only set of surviving octuplets in January 2009, this single-mom-turned-celebrity’s medical records were inappropriately accessed more than 20 times at Kaiser Permanente’s Bellflower Hospital, according to ProPublica. Fifteen hospital employees were fired or resigned under pressure, and eight faced discipline, ProPublica reported. Bellflower was fined a quarter of a million dollars for failing to keep employees out of Suleman’s medical records.
Sobering stuff, huh? While these case studies involve big-name celebs and medical institutions, even the smallest and most humble of medical practices are at risk for devastating HIPAA and HITECH fines that could put them out of business for good — if they don’t take the proper precautions.
The good news? We’ve already written about many HIPAA and HITECH-related topics that owners of small- to mid-sized medical practices should be knowledgeable about. Check out this article on 5 common HIPAA/HITECH violations and how to avoid them, and this article on disaster recovery planning for health care providers. (You can access a wealth of additional information here, on our blog.)
The best news: You don’t have to tackle this all on your own. If you’re not sure where to start, or don’t have the time or expertise to properly secure, protect and back up your patients’ ePHI, call an MSP.
MSPs, or managed service providers, provide IT services to small and mid-sized businesses. Many MSPs like Frontier IT serve medical practices, offering a menu of services to choose from — including disaster recovery/backup, help desk support, server/network monitoring and HITECH-compliance consulting — at prices they can easily afford.
Curious as to what an MSP like Frontier IT could do to safeguard your medical office’s ePHI — and protect your practice from devastating fines? Give us a ring. We’re friendly, fully HIPAA compliant and ready to help!