HIPAA

Regulators have logged dozens, even hundreds, of complaints against some health providers for violating federal patient privacy law. Warnings are doled out privately, but sanctions are imposed only rarely.

Deceased vets’ data has been sent to the wrong widows. Employees have snooped on the records of patients who’ve committed suicide. And whistleblowers say their own medical privacy has been violated.

Lessons from a year reporting on loopholes and lax enforcement of the federal patient-privacy law known as HIPAA.

A review found 35 cases since 2012 in which nursing home or assisted living workers surreptitiously shared photos or videos of residents on social media. At least 16 cases involved Snapchat.

Breaches that expose the health details of just a patient or two are proliferating nationwide. Regulators focus on larger privacy violations and rarely take action on small ones, despite the harm.

The federal privacy law known as HIPAA doesn’t cover home paternity tests, fitness trackers, or health apps. When a Florida woman complained after seeing the paternity test results of thousands of people online, federal regulators told her they didn’t have jurisdiction.

University students have less privacy for their campus health records than they would have if they sought care off campus. Schools say they are trying to seek the right balance between privacy and safety.

Garbage has become an unlikely battleground in the abortion debate, as anti-abortion groups seek evidence of privacy violations in clinics’ trash. “Is it a little bit on the sketchy side?” one activist said of such tactics. “Yeah, maybe.”

Across the country, those who support abortion rights and those who oppose them are feuding in court over how much information should be disclosed about women undergoing abortions. Supporters say there’s no margin for error. Opponents say it’s about ensuring quality care.

Even our most personal health conditions are part of a vast but hidden market for our medical data. Don't we deserve to know about it?

An early look at a Pacific Standard story that's currently only available to subscribers.

Yet another health insurer recently reported a massive data breach, affecting the financial and medical information of 11 million people. We asked the head of the federal agency tasked with investigating these issues whether the notion of patient privacy was outmoded.

A bill has been filed in New York that would make it one. State Assemblyman Ed Braunstein was inspired by a story about a man whose death was recorded by the real-life medical series NY Med without permission. His widow recognized her husband while watching the show on TV.

In a recently filed lawsuit, Ebola-infected nurse Nina Pham says that a colleague videotaped her without her permission and then the hospital she was treated in released the tape to the media, violating her privacy.

Federal health watchdogs say they are cracking down on organizations that don’t protect the privacy and security of patient records, but data suggests otherwise.