HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Nurse Fired for HIPAA Violation

Can a nurse be fired for a HIPAA violation? Certainly. Violate HIPAA Rules and having your employment contract terminated may not be the worst thing that will happen. There may also be criminal charges for HIPAA violations. Jail time is likely if protected health information (PHI) is stolen and passed on to an identity thief, although HIPAA Privacy Rule violations alone can result in a jail term. If there is aggregated identity theft, there will be a mandatory two-year sentence tacked on to the sentence.

When a nurse is fired for a HIPAA violation, finding alternative employment can be problematic. Few healthcare organizations would be willing to hire an employee that has previously been fired for violated HIPAA Rules.

In January this year, a nurse aide was fired from Wayne Memorial Hospital for a HIPAA violation after the inappropriate accessing of 390 patients’ records was discovered. One notable incident in 2011 saw nurses and other healthcare staff snoop on patient records. In that case, there had been a party in a neighboring town where there were multiple drug overdoses. Allina Hospitals and Clinics fired 24 members of staff for the inappropriate accessing of PHI.

Nurse Fired for HIPAA Violation at Glendale Adventist Medical Center

Each year, many nurses are discovered to have violated HIPAA Rules and lose their jobs as a result. The most common HIPAA violations are snooping on patient records, oftentimes simply out of curiosity. Earlier this month, there was another nurse fired for a HIPAA violation.

Please see the HIPAA Journal Privacy Policy

A former nurse at Glendale Adventist Medical Center in Glendale, CA was discovered to have accessed the medical records of hundreds of patients without authorization and without any legitimate work reason for doing so.

HIPAA requires covered entities (and their business associates) to conduct regular reviews of PHI access logs to identify any cases of improper PHI access. The inappropriate access was discovered during one of those routine reviews. In this case, the nurse was discovered to have accessed the medical records of 528 patients, including the records of 88 patients of its Boyle Heights sister hospital, White Memorial Medical Center.

When the review of access logs raised red flags, the PHI access was compared against the nurse’s caseload, revealing there was no reason for the records to have been accessed. The nurse was promptly fired for violating HIPAA Rules and hospital policies.

It is unclear at this stage why the per-diem nurse accessed the records. The investigation into the HIPAA violations is ongoing. If PHI theft is suspected, criminal charges are likely to be filed.

A statement released by the hospital indicates the types of information that may have been accessed included names, addresses, dates of birth, Social Security numbers, and sensitive clinical information.

All of these incidents clearly demonstrate that improper accessing of medical records, and other HIPAA violations, will be discovered. If you are a nurse, it is essential that you are well versed in HIPAA Rules, know what is and is not acceptable, and that you comply with HIPAA Rules. HIPAA compliance is not optional.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.