HIPAA Violator Gets Jail Time
Classic coding job search advice includes submitting a professional resume that touts your Certified Professional Coder (CPC®) credential, dressing appropriately and being on time for interviews, and being a courteous and respectful interviewee. Here’s one more piece of advice: Make sure your credit record is in good standing. Surprisingly, a poor rating could cost you a job.
It may sound extreme, but physicians are advised to do all they can to protect themselves against Health Insurance Portability and Accountability Act (HIPAA) violations. That includes running credit checks for all potential employees—the theory being: An employee who has a lot of debt and works in an office that serves celebrities could be tempted to sell information to tabloids, according to Stephen Aborn, executive director of Andrews International, a Valencia, Calif.-based investigative and security services provider (amednews.com).
It is not known if that was Huping Zhou’s motive for illegally accessing patient medical records at the UCLA School of Medicine, where he worked as a researcher in 2003. Regardless, Zhou, 48, a licensed cardiothoracic surgeon in China, was sentenced in late April to four months in jail for doing exactly that.
Zhou’s incarceration for this sort of HIPAA violation is one of the first in the nation, according to a U.S. Attorney’s Office, Central District of California, press release. In addition to jail time, the judge handed Zhou a $2,000 fine.
“There’s no question that this is sending a message,” said Aborn.
“This would be an example of [the government] demonstrating, ‘Yes, we are serious about making sure you all understand we will exercise this authority with respect to employees’,” John Christiansen, a Seattle-based attorney, told amednews.com.
“The safeguards should start at the hiring process,” writes amednews staffer Pamela Lewis Dolan, but practices shouldn’t stop there. “Beyond making good hires, practices also need access controls in place that would eliminate the potential for employees to look at files they are not authorized to see.” In doing that, the burden of guilt falls on the employee and not the employer, said Christiansen.
Learn more about the Zhou case on amednews.com.