If you haven't already read it, there is a moving interview in The Los Angeles Times with actress Farrah Fawcett about her 2½ year battle with cancer.
Fawcett, 62, the one-time Charlie's Angels star and pin-up poster goddess of 1970s America, told the newspaper that her efforts to fight anal cancer were made more difficult when her personal medical records were illegally accessed by at least one employee at UCLA Medical Center. That employee then sold the information for $4,600 to the National Enquirer.
"It seems that there are areas that should be off-limits," Fawcett told the Times. " It's much easier to go through something and deal with it without being under a microscope. It was stressful. I was terrified of getting the chemo. It's not pleasant. And the radiation is not pleasant."
Because of the continuing unwanted publicity about her health, Fawcett had to take her attention away from fighting a deadly disease and devise—on her own—a sting operation to catch the snooping employee. In May 2007, when she learned that her cancer had returned, she told no one. Still, the news came out in the Enquirer within " maybe four days." When Fawcett asked UCLA Medical Center for the name of the snooping employee, she says a hospital official refused to provide it, saying they had a responsibility to " protect our employees." " And I said, 'More than your patients?' . . ." Fawcett told The Times.
Eventually, the snooping employee was identified. She pleaded guilty in December to a felony charge of violating federal medical privacy laws for commercial purposes. She died in March, of cancer, before she could be sentenced.
Fawcett hopes the Enquirer will also be charged with a crime for " buying stolen goods" in the form of confidential medical records. Fawcett also blames UCLA Medical Center for the lapses and suggested the only thing they cared about was getting her to donate money for a foundation to be named after her.
This is a unique case involving an internationally known celebrity. But there are lessons that every hospital can take from this security breach.
First, it illustrates very plainly how damaging a privacy violation can be to the health of the patient. Farrah Fawcett, nor any patient, should have to divert attention from fighting a disease and instead devise a trap for a snooping employee. All patients are vulnerable, even more so those battling cancer and other life-threatening diseases. No one should have to deal with the additional stress of protecting their medical records.
Second, if for whatever reason a patient raises questions about the security of their medical records, address those concerns immediately. Your hospital might not treat a lot of movie stars, but privacy violations affect everybody everywhere for any number of reasons.
Third, Fawcett's story justifies the new enhanced enforcement and security for HIPAA violations. As I've said before, if your hospital can't get patient privacy right, how can you be trusted with anything else?
Thirty years ago, Farrah Fawcett's smiling face was the pin-up fixture that adorned the walls of millions of teenage boys. Now might be a good time to print out that LA Times interview and pin that up on the employee bulletin board.
Note: You can sign up to receive HealthLeaders Media HR, a free weekly e-newsletter that provides up-to-date information on effective HR strategies, recruitment and compensation, physician staffing, and ongoing organizational development.