According to Orlando Regional Medical Center, staff members illegally accessed the personal private records of Pulse survivors three days after the attack because of “personal curiosity.” 

WESH 2 News asked my opinion on the subject.  

As an expert on the federal patient privacy law, HIPAA, I know that the hospital will likely face state and federal fines.

What the employees don’t generally realize is most of their computer interactions are logged so that when they do something like that, someone is going to find out once that has been audited at some point. 

The real question that we do not know is whether this information was, or will be, used by someone and will it damage the patients? For instance, was something private revealed that will cause a patient to lose his or her job? 

If a person is damaged from the hospital's breach of its duties to maintain confidential patient health records, there may be a lawsuit for damages.  
In response to the data breach, Orlando Health decided not to bill Pulse survivors for their hospital stays. 




Source: WESH 2 News 

Be the first to comment!
Post a Comment