[ Tuesday, March 14, 2006 ]


Another HIPAA crime (and by a non-CE)? Check this out: a woman working in a doctor's office offers to sell an FBI agent's medical file to drug runners. But it turns out her buyer isn't a drug runner, but an FBI snitch. She's going to jail for wrongfully obtaining an individual identifier in order to wrongfully disclose PHI for personal gain. But she worked in a doctor's office; she's not a doctor. And the practice isn't accused, she is. Looks like Gibson again. But the DOJ said non-covered entities like employees, vendors, and business associates can't be held liable for a HIPAA violation. (Further discussion of that below, and here).

Unless the actual crime isn't a HIPAA crime (there are a lot of similar identity theft crimes that might apply here). . . .

I'll check it out a little more when I get a chance. I'm sorta out of pocket at the moment.

Jeff [11:28 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template