The Intersection of HIPAA, Patient Privacy, and the Nosy Employee

Speaking Engagement
Virginia Medical Group Management Association

Patient privacy in any healthcare setting—a physician’s practice, clinic, community services board, FQHC, or hospital—is a serious matter. A violation of the HIPAA Privacy Rule can carry substantial monetary as well as other penalties. If an employee accesses patient medical files when they have no direct business purpose, is this considered employee misconduct? Can you fire them? How does Virginia’s new whistleblower protection law come into focus here?

This session will present a refresher on HIPAA, an update on the proposed changes to the Privacy Rule. It also includes a discussion of why improper disclosure of Protected Health Information (PHI) poses a significant risk. It also outlines standard steps to take in any review of the employee’s behavior as well as procedures for terminating the employee if a violation occurs. Practice managers, privacy officers, and HR professionals will find valuable hypothetical examples included in this session that demonstrate real and relevant HIPAA violations.


Heman Marshall, Liz Heddleston, King Tower

Jump to Page