» print » email

Electronic Health Records the Cause and Cure in HIPAA Privacy Fine

Former UCLA Employee is the First to Result in Incarceration for Unauthorized Access of Patient Medical Records

June 7, 2010

Huping Zhou was sentenced in late April to four months in jail after pleading guilty to charges related to looking at patient medical records he was not authorized to view. Zhou, a licensed cardiothoracic surgeon in China, worked at the UCLA School of Medicine as a researcher in 2003.

HIPAA (Health Information Portability Accountability Act) is a federal law that determines how health information may be shared electronically. The patient privacy segment of HIPAA was enacted in 2002.

UCLA employees inappropriately accessed the information of 1,041 California patients from 2003 to 2008. According to the U.S. Attorney's Office, Central District of California, which prosecuted Zhou, the night Zhou's employment was terminated he accessed and read his immediate supervisor's medical records and those of former co-workers. Over the course of three weeks he remotely accessed other medical records he was unauthorized to see, including those belonging to celebrities.

According to experts, Zhou's incarceration, the first in the nation for looking at patient files without a valid reason, should serve as a warning sign to all medical practices that times have changed when it comes to patient privacy.

Zhou was able to access the Electronic Health Record (EHR) system remotely, but he was also caught by the EHR system, as it documented his unauthorized access to other employees and celebrities.  Newer EHR technology often includes more controls and flags for VIP patients, including hospital employees and celebrities.

The American Recovery and Reinvestment Act (ARRA), also known as the the Stimulus Package, or the Recovery Act, was signed by President Obama in February 2009.  As part of the law, stricter privacy rules were put into place, modifying HIPAA.  Additionally, ARRA creates stimulus incentive payments for medical providers for demonstrating meaningful use of certified EHR technology.

Read the full article:
HIPAA violation leads to jail time
American Medical Association

Help others find this information:

RSS Feed

  Subscribe to our feed


Key Contacts
Eric Sorenson
ChartLogic
VP of Marketing
801.365.1815


Paula Anderson
ChartLogic
MarCom & Events Manager
801.365.1847


Search

Important Links
Volunteer Playground Build -- March 10, 2010 -- New Orleans, Louisiana

ChartLogic employees Eric Sorenson, Al To'a, Bob Burns, and Bryan Backenstoss take a quick photo break at Jefferson Park, in New Orleans, where ChartLogic participated in the American Academy of Orthopaedic Surgeons' Annual Volunteer Playground Build

ChartLogic, the #1 Electronic Health Records (EHR) Company in Orthopaedics, has participated in this program several years in a row.

Copyright © 2010 ChartLogic Inc. ChartLogic® is the registered trademark of ChartLogic, Inc. All rights reserved.

Newscactus Online Newsroom Powered by NewsCactus.com