|
The upcoming HIPAA rules will have a direct as well as an indirect impact on some hospital security lawsuits. When hospital patients become victims of crime at the hands of third parties, those crimes often implicitly involve a breach of privacy. At the present time, we do not typically find a breach of privacy as part of the plaintiff's complaint. That is likely to change.
Assume a scenario where a breach of privacy, as called for by HIPAA guidelines, could adversely affect a security liability lawsuit.
Assume your hospital admits a patient who is a victim of violence. The violence may have occurred at the hands of a third party or at the hands of a domestic partner. If the assailant is known, there may be a restraining order against the perpetrator. If the assailant is unknown, he or she may want to silence the victim in order to avoid detection and prosecution. Your hospital may or may not have decided to admit this victim under the guise of an alias. Finally, let us assume our perpetrator is determined to finish the job.
Under ordinary circumstances, common sense would dictate providing anonymity for our victim in addition to heightened security. Bear in mind hospital crimes that are the result of advance planning and research, such as an infant kidnapping, are difficult to deter and prevent. Crimes of mere opportunity are more easily dissuaded.
Suppose our perpetrator, in an effort to find the victim, is able to determine our patient's precise location within the hospital. This could be accomplished through a number of means. They may be able to obtain the information by merely asking at a reception desk manned by a volunteer. They may be able to follow a known acquaintance of the victim to the victim's room. Press accounts may have stated "The victim is now in ICU." Maybe the perpetrator, able to pass himself off as an employee, gains access. Maybe the victim/patient is in a room with his or her name on the door. The name of the patient may appear in chart racks on the door to their room or their name may appear on a grease board within the nurse's station in plain view.
Clearly all of these breaches would elevate the culpability of the hospital if the perpetrator were able to get to our patient and finish the job. However, the level of culpability would ratchet up considerably if, in addition to these breaches, you were in violation of HIPAA standards. This lawsuit could go from simple negligence to gross negligence. Damages could go from compensatory damages to punitive damages.
Why does HIPAA raise the bar?
Security programs within hospitals are very situational. A complete security analysis will support the contention that one size does not fit all. The security program must be developed to fit the unique needs of each hospital. However, when there is a breach of security that fails to meet a defined standard of care, such as a HIPAA requirement, the job of the plaintiff attorney is made easier.
|
