A local Ohio hospital has been faxing other people’s personal medical records to Elizabeth Spilker’s home for months, in an apparent violation of the Health Insurance Portability and Accountability Act (HIPAA). The information in the faxes contained patient names, ages, weights, medications, and medical histories.
In a report from ABC 6, Spilker said, “We have been getting regular faxes over the last year or so from Grant Medical Center, with people’s personal information attached.” She added that it’s as if someone puts these confidential documents into a fax machine and simply leaves them running. “It’s almost always at the end of the day, and it will continue to try and fax you and ringing your phone number until you do something – like unplug it and plug in the fax,” she said.
Spilker told ABC 6 she’s tried contacting the callback number on the fax, which happens to be Grant Medical Center Heart Disease Management office, with no results. At one point she faxed them back a note requesting they stop faxing the personal records to her home, but the documents kept on coming.
ABC 6 On Your Side reached out to Ohio Health for a statement, and they responded:
“Thank you for bringing this to our attention. We conducted a thorough review and audit of our fax system logs and found that three faxes were sent to the individual in error due to a transposed fax number in one patient’s medical record. The fax number has been corrected and we’re reaching out to the patient involved to make him or her aware. Ensuring the privacy of our patients is a top priority at OhioHealth and we apologize for this error.”
Spilker did note that she shredded all of the hospital’s faxes.
What are my HIPAA and privacy rights?
Generally, if a patient’s private health information is disclosed to a third party, it constitutes a breach. And, if this breach results in harm to the patient, this may be a cause of action against the medical professional.
The term “medical professional” doesn’t only include doctors. It also encompasses nurses, physician assistants, techs, and any other personnel who interact with patients and patient records. Employees of hospitals and medical settings deal with a lot of paperwork under tight deadlines, but that doesn’t excuse them from breaching your confidentiality.
Just last year, New York’s Mount Sinai St. Luke’s Hospital was taken to court for faxing confidential health information to a patient’s employer rather than to his personal post office box, as requested. The incident caused the employee psychological stress and he was forced to quit his job. Although St. Luke’s paid a fine to the government, the employee took the hospital to court for negligence and infliction of emotional distress.
As a patient, you have a right to the utmost privacy about your health and medical records. If you believe your privacy has been breached and you’ve suffered harm as a result, talk to a medical negligence lawyer for more information. Don’t let anyone violate your patient rights.