The proliferation of electronic medical records systems has made it easier to track and punish those who peek in records they have no legitimate reason to access. Below is a partial list of high-profile breaches and the consequences that accompanied them, compiled from news reports.
October 2007: Palisades Medical Center in New Jersey suspended 27 workers without pay for a month for looking at the medical records of actor George Clooney, who had been treated there the prior month after a motorcycle accident.
March 2008: The University of California–Los Angeles Medical Center took steps to fire at least 13 employees and suspended at least six others for snooping in the medical records of pop star Britney Spears during her hospitalization in its psychiatric unit. In addition, six physicians faced discipline.
November 2008: Jacksonville Medical Center in Florida fired 20 workers for looking at the records of Richard Collier, then an offensive tackle for the Jacksonville Jaguars, who was paralyzed in a shooting.
March 2009: Kaiser Permanente revealed that 21 employees and two doctors inappropriately accessed the medical records of Nadya Suleman, who gave birth to octuplets at its Bellflower, California, hospital. Of those workers, 15 were either terminated or resigned under pressure and eight faced other disciplinary actions. In May 2009, the California Department of Public Health fined the hospital $250,000 for failing to protect Suleman’s records.
October 2009: An Arkansas doctor and two former workers at St. Vincent Medical Center were sentenced to probation and fined after pleading guilty to federal misdemeanor charges that they illegally accessed the records of a Little Rock television news anchorwoman who died in 2008 after being attacked at her home during a robbery.
June 2010: Ronald Reagan UCLA Medical Center was fined $95,000 by the California Department of Public Health for failing to stop employees from accessing singer Michael Jackson’s records. Two hospital workers and two contract employees were terminated.
January 2011: University Medical Center in Tucson fired three employees for snooping in records after the shooting that left then-United States Representative Gabrielle Giffords in critical condition. A contract nurse also was terminated.
UNNAMED CELEBRITY PATIENTS
July 2011: UCLA Health System agreed to pay $865,000 to the federal government to resolve allegations that its employees violated federal patient privacy laws by snooping in the medical records of two celebrity patients. Separately, in January 2010, a former UCLA employee pleaded guilty to four counts of illegally reading medical records, mostly from celebrities and other high-profile patients, and was sentenced to four months in federal prison.
A PATIENT FATALLY SHOT IN AN ICU
October 2012: Akron General Medical Center in Ohio fired a “small number of employees” for looking at the medical records of a woman whose husband fatally shot her in the hospital’s intensive-care unit.
July 2013: Five workers and a student research assistant were fired for inappropriately accessing records at Cedars-Sinai Medical Center in Los Angeles. One of those was reportedly reality television star Kim Kardashian, who gave birth to her daughter at the hospital the prior month.
A DOCTOR WITH EBOLA
September 2014: Nebraska Medical Center in Omaha fired two workers for looking in the records of Dr. Rick Sacra, who had been treated at the hospital for the Ebola virus he contracted while volunteering in Africa.
THE MOTHER OF A 5-YEAR-OLD WHO DIED
August 2015: Carilion Clinic in Roanoke, Virginia, fired or disciplined 14 workers for peeking at a patient’s medical records in a high-profile case. The patient was reportedly the mother of a five-year-old boy who was found dead in a septic tank near his home.