Physician’s Media Interview Violates HIPAA, Leads to $125,000 Settlement

November 28, 2018 Advisory

A Connecticut physician cost his group $125,000 when he allegedly ran afoul of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule during an interview with a television reporter. The physician disclosed a patient’s protected health information (PHI) while responding to a television reporter’s request for comment in response to the patient’s complaint. Attempting to refute a patient’s complaint via the media is generally ill-advised due to HIPAA restrictions and the potential ongoing legal ramifications.

Of course, the safest responses to any media inquiry concerning a patient are either to not respond or say “no comment.” Generally, a recommended approach to HIPAA compliance would include:

  • maintaining privacy policies and procedures;
  • implementing regular employee privacy training;
  • conducting thorough internal investigations of complaints; and
  • if necessary, drafting a calculated response to a complaint after considering the applicable laws and potential legal consequences.

In this case, the physician group agreed to pay $125,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) to settle the alleged HIPAA violation. The Resolution Agreement includes a Corrective Action Plan that requires the group to actively monitor their compliance with HIPAA and submit documentation of their compliance to HHS for two years.

In 2015, the patient contacted the television reporter regarding an allegation that she was refused care because of her use of a service animal. The reporter then contacted the physician for his side of the story. Their conversation occurred after the physician was warned by the group’s compliance officer not to respond to media requests. The issue was compounded when the physician group failed to take appropriate sanctions against the physician for his refusal to comply and release of patient information.

The federal government alleged two violations. This settlement agreement is a reminder to health care clients to review their entity’s privacy policies and procedures on a regular basis to ensure compliance with HIPAA, and to distribute those policies and procedures to employees for constant implementation. If an employee acts in contrast to the advice of the entity’s compliance officer and policies, it is imperative to have procedures in place to take appropriate disciplinary action against the employee and corrective action to minimize risk.

The resolution agreement and corrective action plan may be found on the OCR website

Contact Us
  • Worldwide
  • Boston, MA
  • Chicago, IL
  • Denver, CO
  • Dublin, Ireland
  • Edwardsville, IL
  • Jefferson City, MO
  • Kansas City, MO
  • Las Vegas, NV
  • London, England
  • Miami, FL
  • New York, NY
  • Orange County, CA
  • Philadelphia, PA
  • Princeton, NJ
  • Salt Lake City, UT
  • St. Louis, MO
  • Washington, D.C.
  • Wilmington, DE
abstract image of world map
Boston, MA
800 Boylston St.
30th Floor
Boston, MA 02199
Google Maps
Boston, Massachusetts
Chicago, IL
100 North Riverside Plaza
Suite 1500
Chicago, IL 60606-1520
Google Maps
Chicago, Illinois
Denver, CO
4643 S. Ulster St.
Suite 800
Denver, CO 80237
Google Maps
Denver, Colorado
Dublin, Ireland
Fitzwilliam Hall, Fitzwilliam Place
Dublin 2, Ireland
Google Maps
Edwardsville, IL
115 N. Second St.
Edwardsville, IL 62025
Google Maps
Edwardsville, Illinois
Jefferson City, MO
101 E. High St.
First Floor
Jefferson City, MO 65101
Google Maps
Jefferson City, Missouri
Kansas City, MO
2345 Grand Blvd.
Suite 1500
Kansas City, MO 64108
Google Maps
Kansas City, Missouri
Las Vegas, NV
7160 Rafael Rivera Way
Suite 320
Las Vegas, NV 89113
Google Maps
Las Vegas, Nevada
London, England
Royal College of Surgeons of England
38-43 Lincoln’s Inn Fields
London, WC2A 3PE
Google Maps
Miami, FL
355 Alhambra Circle
Suite 1200
Coral Gables, FL 33134
Google Maps
Photo of Miami, Florida
New York, NY
7 Times Square, 44th Floor
New York, NY 10036
Google Maps
New York City skyline
Orange County, CA
19800 MacArthur Boulevard
Suite 300
Irvine, CA 92612
Google Maps
Philadelphia, PA
2005 Market Street
29th Floor, One Commerce Square
Philadelphia, PA 19103
Google Maps
Philadelphia, Pennsylvania
Princeton, NJ
100 Overlook Center
Second Floor
Princeton, NJ 08540
Google Maps
Princeton, New Jersey
Salt Lake City, UT
222 South Main St.
Suite 1830
Salt Lake City, UT 84101
Google Maps
Salt Lake City, Utah
St. Louis, MO
7700 Forsyth Blvd.
Suite 1800
St. Louis, MO 63105
Google Maps
St. Louis, Missouri
Washington, D.C.
1717 Pennsylvania Avenue NW
Suite 400
Washington, DC 20006
Google Maps
Photo of Washington, D.C. with the Capitol in the foreground and Washington Monument in the background.
Wilmington, DE
1007 North Market Street
Wilmington, DE 19801
Google Maps
Wilmington, Delaware