MN Health Clinic Fires 32 for HIPAA Violations

Dom Nicastro, May 11, 2011

A Minnesota hospital system fired this month 32 employees in two of its hospitals for inappropriately accessing medical records of patients – the highest reported termination tally at a hospital for such a violation in recent memory.

Allina Hospitals & Clinics terminated the employees in Unity Hospital in Fridley and Mercy Hospital in Coon Rapids who wanted a peek at the medical records of patients hospitalized in March due to a drug overdose at a party in nearby Blaine, a hospital official said.

David Kanihan, Allina's director of marketing and communications, told HealthLeaders Media in an e-mail the employees were terminated for "accessing electronic medical records of patients without a legitimate patient-care reason for doing so."

HIPAA allows hospital employees to view patient records for reasons of treatment, payment and healthcare operations.

According to the Minneapolis Star Tribune, 11 teenagers and young adults were hospitalized after they overdosed on a synthetic drug. One died.

"We take our obligation to protect patient privacy very seriously," Kanihan wrote in the e-mail to HealthLeaders. "Our actions in this matter are completely consistent with how we have always dealt with these cases. Anything short of a zero tolerance approach to this issue would be inadequate."

Frank Ruelas, director of compliance and risk management at Maryvale Hospital and principal of HIPAA College in Casa Grande, AZ, says the most significant threats regarding patient information breaches come from internal sources.

Dom Nicastro Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
Facebook icon
LinkedIn icon
Twitter icon