When Team 4 got certain records, the HIPAA enforcement office was supposed to block out the names of all patients who filed the complaints. But when Team 4's Paul Van Osdol examined the records, he found nine cases where patient names were disclosed. So, it appears the people in charge of enforcing the medical privacy law failed to follow their own rules.
Teresa Dimichelle is one of those patients whose names were disclosed. She agreed to talk about it.
Van Osdol: "The fact that the government failed to protect you, the same government agency that enforces HIPAA laws, what does that tell you?"
Dimichelle: "That it's all a joke to them. It was about my health care and the way I was being treated. I didn't think it needed go to whoever, Joe Schmoe down the street."
"That's alarming, and you should be commended for doing that request and uncovering that, because that's something we definitely need to address," said Altmire.
A spokesman for the Department of Health and Human Services said its disclosure of patient names is not a violation of HIPAA. That's because the government agency is not covered by the HIPAA law.
No, not a violation of HIPAA, just a violation of at least one other privacy law, and common sense, common decency, and especially the public's ability to swallow the lame excuse.