HIPAA Violations In The Social Media Spotlight

HIPAA violations became the buzz of social media in the wake of ESPN reporter Adam Schefter posting an image of NY Giants defensive end Jason Pierre-Paul’s medical chart on Wednesday (July 8, 2015). The case garnered immediate attention because of the sensational nature of the event; a fireworks accident involving an NFL player resulted in injuries to his hand severe enough to require amputation of his right index finger.
Objections, and questions, were immediately raised about the ethics and legality of publishing an individual’s medical record.

HIPAA and the Media

Legally, the reporter and ESPN are not liable for fines related to violating the measures of the 1996 Health Insurance Portability and Accountability Act (HIPAA) because HIPAA laws apply to medical professionals and support staff including insurance payers. It remains unclear how Schefter obtained the medical record material.
Civil suits against ESPN and the reporter remain a possibility.

HIPAA and Medical Personnel

If Pierre-Paul’s records were “leaked” without his explicit consent, any medical personnel with access to Pierre-Paul’s records will be subjected to severe scrutiny and are eligible for significant fines depending on their involvement

The individuals that made the medical record available AND their employer may be forced to pay significant fines for direct HIPAA violations. Civil fines are well within the realm of possibility if Pierre-Paul objects to the release of his medical records and wants to push damage claims.

HIPAA violations are commonplace and, perhaps, a high profile case involving transmission of protected health information (PHI) will go a long way to encourage the use of HIPAA compliant messaging platforms that have the capability to track usage and transmissions. 

MedTunnel is a free HIPAA-compliant service which allows you to send messages and documents containing PHI – just like email and text messaging.  All messages are user, date and time stamped – therefore, anytime an action is taken with a message (sent, received, viewed, etc) it is instantly recorded in the audit log. No need to put your organization at risk for HIPAA violations – MedTunnel let’s your organization become HIPAA-compliant for free.