HIPAA Blog

[ Wednesday, November 11, 2015 ]

 

Employer Not Liable for Employee's Bad Act: An Ohio court is dismissing a hospital from a lawsuit by a patient whose medical records (including an STD diagnosis) were posted on Facebook by a hospital employee.  The hospital, University of Cincinnati Medical Center, argued that the employee's acts were outside of her employment, so the hospital is not liable.

This case stands in contrast to the Hinchy v. Walgreens case, where a Walgreen's pharmacist looked at the medical records of her boyfriend's ex-girlfriend (looking for STDs, of course).  In that case, Walgreens was held liable.  Different states, different laws, different courts.  And it goes without saying that these cases are only arguably about HIPAA; they really are about the state law requirements in the two states, and about whether the deep-pocket employer has to pay the cost for the damage caused by the rogue employee.

Jeff [1:20 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template