LA Hospital Fires Six for Privacy Breach After Kardashian Birth
Six people were fired from a Los Angeles hospital after “inappropriately accessing” patient health records days after reality television star Kim Kardashian gave birth at the facility June 15. The privacy breach, which included the records of 14 individuals and took place between June 18 and June 24 at Cedars-Sinai Medical Center, has led to speculation that the employees were terminated for accessing Kardashians’ medical records, according to a Los Angeles Times article.
Representatives for neither the hospital or Kardashian have confirmed that she was affected by the breach. The hospital did confirm that all individuals affected by the breach had received notification.
Of the six individuals fired in connection with the breach, four were physicians, one was a medical student, and one was an unpaid student research assistant.
According to the Los Angeles Times, three of the physicians had shared their usernames and passwords with other hospital employees, acting against hospital policy. In one case, an employee working for a physician had been given a new username and password for billing purposes. According to hospital records, five workers improperly accessed one record, while one worker inappropriately accessed 14 records.
Angela Rose, a director of HIM practice excellence at AHIMA, said that whenever a celebrity or VIP is admitted to a facility there’s going to be heightened interest in their health information. To prevent breaches, Rose said it comes down to having a policy, process, and procedure in place for tracking and monitoring the access of all medical records. Staffers should be reminded repeatedly that accessing VIP records inappropriately comes at a price for the facility as well as the individuals—be it a federal government audit or loss of a job. HIPAA violations, like the unauthorized access of a patient information, can result in fines and criminal charges.
“Make sure VIP records are monitored every day,” Rose advised. “VIP [record access] trails need to be monitored more closely.”
David Blake, Cedars-Sinai’s chief privacy officer, said in a statement that the hospital has “a high standard for security” and that “unauthorized access to any patient’s record is, quite simply, unacceptable,” according to the Los Angeles Times.