Consumer group sues Kaiser Foundation over patient privacy violations
HIPAA Weekly Advisor, March 22, 2004
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
The California Consumer Health Care Council (CCHCC) filed a
representative-action lawsuit March 15 against Kaiser Foundation Health
Plan Inc. for allegedly unlawfully disclosing patients' private medical
information.
The council, a consumer healthcare advocacy group, alleges that Kaiser,
based in Oakland, CA, is invading patients' privacy and violating
California law because of the way its legal department handles patients'
medical records, says CCHCC Chairman John Metz.
CCHCC alleges when Kaiser learns of a suit or potential suit by a patient,
its legal department views the patient's medical records without proper
patient authorization. This alleged review by Kaiser's legal department is
inappropriate, says Metz, because Kaiser's legal employees have no role in
actually providing treatment to the patient.
"I believe California law clearly protects what little is left of our
medical privacy, and that this conduct clearly violates it," Metz says.
Metz says the suit was brought under one of the "crown jewels" of U.S.
consumer protection laws, California's Business & Professions Code Section
17200. "It basically prevents anyone from engaging unlawful, unfair, or
fraudulent acts or practices and deceptive advertising," he says.
"What we hope is that that law is applied and enforced with regard to this
conduct such that if it is found to be illegal - as we believe it is -
that the court will order them to cease and provide whatever other redress
is available."
Kaiser Permanente lawyers and their staff do access medical information in
order to respond to claims and in the course of litigation, but they do it
with the patient's rights in mind, says Spokeswoman Kathleen Barco.
"We can assure you that Kaiser Permanente is very concerned about
protecting our patients' medical information," Barco says. "Kaiser
Permanente policies make it clear that anyone who has access to medical
records must agree to keep them confidential."
There will be no financial gain as a result of the lawsuit, Metz says.
"The action was brought on behalf of the public. This is not an action for
damages. It's to right a public wrong, and we act as a private attorney
general in doing it."
Metz says California law is more protective of patient privacy for
personal medical records than federally-mandated HIPAA.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- HIPAA Q&A: Level of encryption needed for email
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- News and briefs: Oklahoma Osteopathic Association against residency bill change
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- CMS has reformulated payments for some bilateral procedures
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched