Walgreens Sued for Breech of Privacy

Not only are consumers feeling the pinch at the cash registers but so is a large United States pharmacy and retailer. The Walgreen Co. was hit for $1.44 million due to a lawsuit brought on by a customer in Indiana.

Abigail Hinchy filed a lawsuit against the Walgreen Co. for a Health Insurance Portability and Accountability Act (HIPAA) breach of privacy. Hinchy claimed her HIPAA rights were violated when Walgreen pharmacist Audra Peterson utilized Hinchy’s medical records to find out if Hinchy passed on a sexually transmitted disease to her ex-boyfriend who is now Peterson’s husband.

Audra Peterson gave the information to her husband and he texted Hinchy about what Peterson had uncovered. According to the HIPAA policy, health care providers must protect the identity and medical records of patients. If identities and medical records have been misused or violated, civil and criminal cases can be brought against health care providers. However, HIPPA does not cover “breech of privacy.” Since Hinchy was contending “breech of privacy,” the Walgreen Co. went after Peterson for negligence but did not feel that Hinchy’s records were violated. The statement made by the Walgreen Co. supports their view on Peterson’s actions in this matter. “The pharmacist in this case admitted she was aware of our strict privacy policy and she knew she was violating it. We believe it is a misapplication of the law to hold an employer liable for the actions of an employee who knowingly violates company policy.”

Although the company believed Peterson’s actions did not invade Hinchy’s HIPAA rights, Hinchy’s attorney Neal F. Eggerson took the case further and won. “In my opinion, health care providers do not take their HIPAA protocols as they should, ” Eggerson said in a statement.

This is not Eggerson’s first case regarding the misuse of medical records. In 2010, he went up against a health care facility in Bloomington. The facility was negligent in sending medical information to a get reimbursement from a collection agency. The settlement in the case was $1.25 million. Again, Eggerson challenged that employers and employees should be negligent in violating HIPAA rights. He refers to this practice as fishing through medical records.

Comments are closed.