MN Health Clinic Fires 32 for HIPAA Violations

Allina Hospitals & Clinics terminated the employees in Unity Hospital in Fridley and Mercy Hospital in Coon Rapids who wanted a peek at the medical records of patients hospitalized in March due to a drug overdose at a party in nearby Blaine, a hospital official said.

David Kanihan, Allina's director of marketing and communications, told HealthLeaders Media in an e-mail the employees were terminated for "accessing electronic medical records of patients without a legitimate patient-care reason for doing so."

HIPAA allows hospital employees to view patient records for reasons of treatment, payment and healthcare operations.

According to the Minneapolis Star Tribune, 11 teenagers and young adults were hospitalized after they overdosed on a synthetic drug. One died.

"We take our obligation to protect patient privacy very seriously," Kanihan wrote in the e-mail to HealthLeaders. "Our actions in this matter are completely consistent with how we have always dealt with these cases. Anything short of a zero tolerance approach to this issue would be inadequate."

Frank Ruelas, director of compliance and risk management at Maryvale Hospital and principal of HIPAA College in Casa Grande, AZ, says the most significant threats regarding patient information breaches come from internal sources.