People who are over 40 years of age can allege age discrimination if it appears that the employer is using another excuse to fire an older employee and replace them with someone younger and cheaper.
In this case, however, the hospital had a clear policy, in writing, which Ms. P was familiar with and had signed.
In addition, the hospital had a history of terminating employees for HIPAA violations, and over half of those fired were under 40 years old at the time. In fact, several of the younger employees were terminated specifically for accessing the medical charts of family members.
If an employer has a policy on the books that is being enforced uniformly across all age groups, then a cause of action alleging age discrimination will fail – as it did here.
The HIPAA Privacy Rule provides federal protections for personal health information. At the same time, the rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes. Ms. P had no valid reason to be looking at medical records of patients who were not hers.
HIPAA is taken very seriously, and numerous jobs have been lost based on violations of the rule. A hospital or medical practice cannot afford to have violations, as the federal government strictly enforces HIPAA.
It is essential to remember that a patient’s privacy—whether the person is someone you know or not—is of paramount importance.
Also, pay attention to the policies of your employer. Had Ms. P considered the training she’d had, or the agreement she signed, she might have realized what the consequences would be of looking at unauthorized medical records. Err on the side of caution.