Recently, several lawsuits have been filed in relation to alleged breaches of Health Insurance Portability and Accountability Act (HIPAA) Rules. Here, we provide an overview of the cases, and how they pertain to HIPAA Rules.
The first case sees a Debra Conard, a former employee of Mosaic Life Care Medical Center in St. Joseph, MO, taking legal action over wrongful discharge and retaliation for her taking steps to avoid a violation of the False Claims Act.
Conard, 57, alleges she was wrongfully terminated for raising concerns about unlawful, unethical, and fraudulent billing practices at the medical center. According to the lawsuit, in April 2017, Conard was instructed by hospital officials to release charges for billing even though the official documents did not support the claims she was told to make. Multiple charges were required to be pushed through, which would induce payment by Medicare and other third parties.Conrad was told to proceed with the claims even though she could not verify that the claims were correct.
Conrad raised her concerns about potential violations of the False Claims Act to her supervisor. She further claims that she informed her supervisor of the possibility of substantial fines that may be levied if the false claims were discovered. Her supervisor instructed her to continue with her job and process the claims. but also included notes stating that the claims were not supported by the documentation and the claims had been authorized to be released even though she believed them to be fraudulent claims.
Due to her discontent about the fraudulent billing, Conrad was subjected to disciplinary action at her workplace, including suspension from her role. She complained about the disciplinary actions and was later accused of violating HIPAA Rules. Following her complaint about being accused of violating HIPAA Rules, she was fired from the organisation. She sought legal advice following her termination, and decided to file a lawsuit against her former employer.
The lawsuit states, “Merely because plaintiff could see patient information while performing duties in the coding program (that she needed to access to perform her job), she was subject to discipline and suspension.” Conrad is seeking $75,000 in compensatory damages, lost wages, lost benefits, attorneys’ fees, and reinstatement.
The second case involves Michael Feinberg, from New York, taking legal action against CVS Pharmacy over an alleged privacy violation. The lawsuit claims that details of his prescriptions were disclosed over the telephone to his wife without his permission. Feinberg had visited a Long Island branch of the pharmacy chain to fill a prescription for 100 mg of Viagra with five refills. Rather than have his medical insurance cover the costs, Feinberg wanted to pay the privately.
A few days after fulfilling the perscription, Feinberg’s wife contacted the same pharmacy by telephone about an unrelated matter. However, while talking to her, the CVS pharmacy employee allegedly told about her husband’s Viagra prescription over the telephone, which Feinberg’s wife did not know about. As a result of the disclosure, Feinberg claims his marriage is broken and he has suffered a “genuine, severe mental injury and emotional harm”.
Feinberg claims his wife had no right to be told about his medication and that by disclosing the information to a third party (his wife) the pharmacy violated the HIPAA Privacy Rule.