Unauthorized Use of PHI as Teaching Tool Leads to Legal Action by Student

A medical student at Marshall University is suing the institution, along with Cabell Huntington Hospital, in relation to the unauthorized sharing of some of his protected health information (PHI) to a class of students.

The student, who is referred to only as as J.M.A in the lawsuit, alleges that his x-rays were used as a teaching tool by a professor at Marshall University Joan C. Edwards School of Medicine, but information identifying J.M.A. as the patient had not been deleted or redacted from the x-rays.

The issue had been made known to the university by another faculty member. On April 15, 2018, the dean of the medical school wrote to J.M.A to advise him of the privacy breach. The university was not informed that the professor was using the x-ray as a teaching tool.

J.M.A. claims he has experienced shame, embarrassment, humiliation, and major anxiety due to the sharing of his identity. It is not known how many people viewed J.M.A’s x-rays and how many of those individuals passed what they had witnessed to more people.

Troy N. Giatras, Matthew W. Stonestreet, and Phillip A. Childs of The Giatras Law Firm is acting for J.M.A and is seeking compensatory and punitive damages for their client.

Three motions to throw out the lawsuit have been filed by the defendants Cabell Huntington Hospital; Marshall University Joan C. Edwards School of Medicine and Marshall University Board of Governors; and Radiology Inc.

They claim that the case dismissed as it was not submitted using the correct proper venue and because they say the plaintiff failed to state a claim on which relief can be granted.

Pardee UNC Health Care PHI During Robbery

Pardee UNC Health Care is getting in touch with specific patients to make them aware that some of their PHI has potentially been compromised during a break in at its facility at 2029 Asheville Hwy, Hendersonville, NC. The break-in was first noticed on May 9, 2019. Thieves obtained entry to the basement of the building and took electronic equipment.

No electronic protected health information was impacted as the computers did not have hard drives, but while searching the basement a stack of 590 Federal Drug Testing Custody and Control forms were located. The forms included names, phone numbers, birth dates, social security numbers, employers’ name, driver’s license numbers, and results of the drug screening test and from time period during October 2003 – December 2004.

Officials at Pardee did not find any proof to indicate data had been viewed or stolen, but the stack of files had been moved to a place where they would have been in full view of the thieves as they went into the basement, so there is a possibility that PHI has been impacted.

All files have now been taken away from the basement and are in a secure storage facility. Pardee UNC had previously stored paperwork in many different locations. The paperwork has now been retrieved and been moved to a one secure storage facility.

Jennifer Melia, Compliance & Privacy Officer for Pardee UNC Health Care said: “We are reviewing existing employee training and record retention protocols and policies and will reinforce and revise as needed”.

UNC Health Care is offering one year of free credit monitoring protection services to impacted individuals. It is not yet known how many individuals have been impacted.

Author: Maria Perez