3 Fired For Snooping Athletes' EHRs

University of Iowa Breach Incident Affected 13 Students
3 Fired For Snooping Athletes' EHRs
The University of Iowa Hospitals and Clinics is firing three employees and giving two others five-day unpaid suspensions because they inappropriately accessed the electronic health records of 13 student-athletes.

The Associated Press reported that the athletes affected by the healthcare information breach were members of the University of Iowa football team who were admitted in late January after undergoing intense workouts following winter break. The football players were treated for rhabdomyolysis, which causes muscle fibers to be released into the bloodstream and can cause kidney damage, AP reported.

A hospital spokesman declined to offer further comment on the identity of those whose records were breached. The unauthorized access to the records was detected, he said, because "through our monitoring process, all faculty and staff use an assigned identification code and a personally chosen password to access the system, so our review team is able to determine who accessed the system and which information was viewed."

Unauthorized access to patient records by those not directly involved in treatment is a violation of the HIPAA privacy rule. Pending HIPAA modifications, called for under the HITECH Act, increase the penalties for violations.

The hospital has notified the athletes about the breach incident, the spokesman said.

In a similar incident, the Arizona hospital where shooting victim Rep. Gabrielle Giffords, D-Ariz., was treated recently fired three staff members for inappropriately accessing confidential medical records.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.