Report: Kaiser Permanente Among Top Violators of HIPPA

Your health information is supposed to remain private -- it’s the law. But according to a report by ProPublica, some of the biggest names in the health industry are repeat offenders of Health Insurance Portability and Accountability Act, including California-based Kaiser Permanente.

And it’s not just massive breaches of data that resulted in a violation. It could be something as simple as mailing someone the wrong test results or yelling one’s medical information across the pharmacy.

If you’ve ever been to a doctor’s office, a dentist’s office or had your prescription filled, you have no doubt heard of the HIPAA. It’s a federal law that protects for medical information from being shared with those who don’t have a need to see it.

But according to the an investigation by ProPublica, Kaiser Permanente, among others, repeatedly violated patients’ privacy with little repercussions.

The report shows Kaiser receiving 146 HIPAA complaints in the last four years.

Kaiser said it’s fully committed to protecting patient’s information and continually working to improve. In statement to Patch, Kaiser said:

We work to foster a culture of compliance that protects information, including that of members, patients, employees, physicians, and other information confidential to our business. Specifically around member and patient information protection, we conduct education, training and awareness programs that are required for our employees and physicians, so they understand the imperative of following the law, and the potential impact that failing to do so can have on patients, and on their employment.

While it is unrealistic to expect zero violations from health providers. There are always some inadvertent sharing of information or rogue employees, but the numbers of repeat offenses have experts worried.

“It may be true that you can’t get down to zero, but you need to make a really good faith effort to follow up on the complaints that were filed,” Mark Rothstein, chair of law and medicine and the founding director of the Institute for Bioethics, Health Policy and Law at the University of Louisville School of Medicine, to ProPublica.

An official for the Office for Civil Rights, the agency tasked with enforcing the law and doling out punishments, told ProPublica the agency’s top priority has been dealing with large breaches, where 500 or more people are affected. Small repeat violations are investigated but not necessarily punished.

For more on this, visit ProPublica.