Report: UCLA privacy breaches happen often

When a hospital treats celebrities, it's no surprise that employees will be tempted to get a peek at their records--as happened recently when employees improperly looked into records on singer Britney Spears and actress Farrah Fawcett. What's less forgivable, however, is if a hospital turns a blind eye to such snooping. That, in fact, is what has been happening at UCLA for quite some time, contends an investigative report published in the Los Angeles Times.

According to interviews conducted by the paper, executives have known of employee intrusions into patient records since at least 1995, when one group of workers was fired for looking for electronic records of celebrities like Tom Cruise and Dom DeLuise, and apparently didn't do much to tighten security. Over time, dozens of additional employees have been busted for similar violations, including one case in 2001 when a nurse looked at pop singer Mariah Carey's records, and another in which employees looked at records for former Beatle George Harrison--possibly because they were paid by a tabloid to do so.

On top of all that, in 2004 the Coalition of University Employees claimed in 2004 that two supervisors whose job it was to train staffers on then-new HIPAA legislation actually were looking into their subordinates' medical records. The supervisors remained on staff for a year after the incident.

The California Department of Public Health began investigating UCLA last month, when the Times reported that the hospital had fired 13 workers and disciplined 12 for looking into Spears' records.

To learn more about UCLA's security issues:
- read this Los Angeles Times article

Related Articles:
UCLA staff accused of viewing Britney Spears' records
Union fights suspensions for workers viewing star's records
California expands health data breach rules
Johns Hopkins investigates data breach
Park Nicollet suspends employees for EMR snooping