A long legal battle has finally come to a close, and while it can’t erase the pain the victim’s family endured, it can serve as a warning to medical facilities when it comes to safeguarding patients’ privacy.
The family of the victim originally sued ABC and New York-Presbyterian Hospital for airing an episode of the medical reality show “NY Med” without their consent to film his treatment; the episode ultimately aired the victim’s last words and showed footage of the moment the doctor declared him dead. A lower court threw out the lawsuit on the grounds that the patient’s name and face weren’t revealed, but the family appealed that decision and won.
The hospital has now settled with the victim’s family for illegally disclosing patient information to the producers of the show. The hospital will pay a $2.2 million fine, as well as provide privacy training for all of its staff.
HIPAA violations are considered a highly serious issue, and they even have consequences related to identity theft. One instance is medical identity theft, in which a thief steals personal identifiable information and uses it to obtain medical care, pharmaceuticals, or other related services.
This can actually have life-threatening consequences for the individual whose identity was stolen, since the patient records are linked. Where HIPAA causes some frustration in medical identity theft is the fact that the thief is still entitled to his medical privacy; that means the person whose identity was stolen is still not entitled to the treatment records for the thief.
Another HIPAA/identity theft concern is in the rash of ransomware attacks that have taken place recently. Hospital networks have been infected with malicious software, only to have the hackers demand a ransom to clear out the malware. In some cases, failure to comply not only means having the hospital’s network frozen and patient care compromised, but also the threat that the hackers will release databases of patient information online. In those cases, it is still the hospital who is culpable, and will therefore face massive fines and lawsuits for breaching patient confidentiality. The end result is that some hospitals have opted to cave to the hackers’ demands rather than face the financial nightmare.
Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.