There was a lot of controversy over the Jason Pierre-Paul medical record leak back in July. Reporter Adam Schefter tweeted out a picture of the Giants DE Pierre-Paul’s medical record, stating that the professional football player had his right index finger amputated.
After the tweet, Schefter had quite the backlash as people accused him of violating HIPAA. HIPAA, or the Health Insurance Portability Act requires “covered entities” to protect the privacy of individuals’ medical information, and imposes significant entities that violate the law.
What are “covered entities”?
Covered entities include all of the following:
- EMTs/Ambulance services
- Health Plans – HMOs, insurers, Medicare and Medicaid
- Health care clearinghouses – billing services, etc.; and
- Other health care providers who elect to transmit claim information electronically.
The law does not directly apply to the news media. This means that under HIPAA the hospital or informant of the medical record is actually the one who violated HIPAA and not Schefter.
Jackson Health System, the hospital that released the medical record tweeted back with the following:
Jackson Health System takes patient privacy seriously and aggressively investigates any alleged violation.
— JacksonHealthSystem (@JacksonHealth) July 9, 2015
Did Pierre-Paul consent to disclosing his medical records?
According to Mike Freeman of Bleacher Report, citing a source close to Pierre-Paul: no. “What I’m told by this source close to Pierre-Paul is the Giants defensive end didn’t authorize any release of medical information,” Freeman wrote.
Many people took to twitter vocalizing their opinions on the matter. Some of these tweets can be seen here on CBS.
That means if someone at the hospital did leak Pierre-Paul’s medical records to ESPN, Pierre-Paul could have the right to sue, and the hospital could be subject to a fine. A breakdown of the penalties for HIPAA violations can be found here.
It is undetermined what JPP plans to do about the breach. However, HIPAA has very serious consequences and should always be considered, even in journalism.
Check out this HIPAA Guide for the Newsroom to learn more about reporters should handle HIPAA stories.
Stay Compliant & Protected
The best way to make sure you are following HIPAA compliance is to shred all documents containing personal information and maintain strong rules against the sharing of personal information.
If you are looking for a shredding company to help safeguard your personal information, Shred Nations can help! We will make sure you always receive a certificate of destruction in order to meet all of your security needs.