Regulators have logged dozens, even hundreds, of complaints against some health providers for violating federal patient privacy law. Warnings are doled out privately, but sanctions are imposed only rarely.
Deceased vets’ data has been sent to the wrong widows. Employees have snooped on the records of patients who’ve committed suicide. And whistleblowers say their own medical privacy has been violated.
A review found 35 cases since 2012 in which nursing home or assisted living workers surreptitiously shared photos or videos of residents on social media. At least 16 cases involved Snapchat.
Breaches that expose the health details of just a patient or two are proliferating nationwide. Regulators focus on larger privacy violations and rarely take action on small ones, despite the harm.
The federal privacy law known as HIPAA doesn’t cover home paternity tests, fitness trackers, or health apps. When a Florida woman complained after seeing the paternity test results of thousands of people online, federal regulators told her they didn’t have jurisdiction.
University students have less privacy for their campus health records than they would have if they sought care off campus. Schools say they are trying to seek the right balance between privacy and safety.
Garbage has become an unlikely battleground in the abortion debate, as anti-abortion groups seek evidence of privacy violations in clinics’ trash. “Is it a little bit on the sketchy side?” one activist said of such tactics. “Yeah, maybe.”
Across the country, those who support abortion rights and those who oppose them are feuding in court over how much information should be disclosed about women undergoing abortions. Supporters say there’s no margin for error. Opponents say it’s about ensuring quality care.