Page 2 of 2 FirstFirst 1 2
Results 11 to 19 of 19
  1. #11
    Join Date
    Jun 2006
    Location
    Massachusetts
    Posts
    24,495

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Tax is right. A drivers license wouldn't normally be covered under HIPAA, but it did serve to identify a specific individual related to her health care, to someone who is not covered under the HIPAA umbrella. Therefore in this case it is.

  2. #12
    Join Date
    Oct 2016
    Posts
    4,237

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Ah but...

    It wasn't given to anyone that wasn't and employee of the health care provider. The manager has the employer as the everyone in the pharmacy.

  3. #13
    Join Date
    Jun 2006
    Location
    Massachusetts
    Posts
    24,495

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    So - the manager of the grocery store was an employee of the pharmacy?

  4. #14
    Join Date
    Oct 2016
    Posts
    4,237

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Quote Quoting cbg
    View Post
    So - the manager of the grocery store was an employee of the pharmacy?

    I'm assuming the pharmacy is owned by and part of the grocery store. The pharmacist might well be down the chain of command of the Manager.

    That said, I'll bet the OP is wanting to know if she has something to bargain with over the damage she did because of the possible HIPAA violation.

    I don't think she does.

  5. #15
    Join Date
    Oct 2014
    Posts
    8,149

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Quote Quoting PayrolGuy
    View Post
    Ah but...

    It wasn't given to anyone that wasn't and employee of the health care provider. The manager has the employer as the everyone in the pharmacy.
    I addressed your claim that the driver's license wasn't protected health information (PHI). As I explained, it is when it is the information of patient/insured of a covered health care provider or insurer. Once it's established that it is PHI, the issue then becomes whether the disclosure of that PHI without the individual's consent is authorized. We'd need more facts to determine that. For example, in some stores the pharmacy is simply leased space from the store and operated by a different entity. For example, in my area there are several Target stores that have CVS pharmacies in them. In that case, the disclosure by the CVS pharmacy employees to the Target store manager in a situation like the OP had would clearly violate HIPAA unless the patient consented to the disclosure. Even if the pharmacy appears to be part of the same company, it might not be. It is not uncommon that the pharmacy operations would be run by a separate subsidiary than the grocery part of the store, for example. Those situations are the easier ones to spot.

    But what about the use of PHI internally by an entity that does both healthcare operations and other things, like a big grocery chain that operates its own pharmacies? Here, the rule is more complex. In general, the entire store would be a covered entity (CE) because of the pharmacy that it has within it. That would subject the entire store operation to the HIPAA rules even though most of what the store does has nothing to do with providing healthcare. That's not something the store is likely to want as it vastly increases the chances of accidental violations of the rules by disclosures made by store employees who aren't familiar with HIPAA rules. It can also result in records becoming PHI that would not have otherwise been covered by HIPAA if it wasn't a CE. For example, health information it has about nonpharmacy employees may become subject to the HIPAA rules if the entire operation is a CE. Those records would not be subject to HIPAA privacy rules if the store had no pharmacy, health clinic, etc in it and thus was not a CE.

    The HHS regulations provide a solution to that problem. The give an organization an organization whose main business is not providing healthcare or health insurance services but does have some healthcare activities the option to elect to become a hybrid entity. They do that by formally designating those healthcare activities (e.g. the store pharmacy) as the CE. Once they do that, the CE part of the business is treated as though it were a separate entity for purposes of HIPAA and thus the CE part of the business could not disclose PHI to the non CE part of the business unless the it was a disclosure that the rules would otherwise allow between two separate entities. See 45 CFR 164.105. A lot of organizations like grocery stores, universities, non health care companies with employee health clinics, etc., do opt for the hybrid entity approach as it reduces administrative burdens for the company and reduces risks of HIPAA violations.

    Put in more plain language, if this grocery store has elected to use the hybrid entity approach then the store pharmacy cannot disclose PHI to the nonpharmacy part of the company unless the disclosure meets one of the exceptions that allow for disclosure without consent between two different entities. As there is no exception that would allow the disclosure in the situation described by the OP, if this organization opted for the hybrid approach the disclosure of that driver's license info, which is PHI, would indeed violate HIPAA.

    We'd need to know more details about the pharmacy operation to know if a HIPAA violation occurred. Is the pharmacy operated by a separate entity, like in my Target and CVS example? If it is part of the exact same company, has that company elected the hybrid entity approach?

  6. #16
    Join Date
    Oct 2016
    Posts
    4,237

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Quote Quoting Taxing Matters
    View Post

    We'd need to know more details about the pharmacy operation to know if a HIPAA violation occurred. Is the pharmacy operated by a separate entity, like in my Target and CVS example? If it is part of the exact same company, has that company elected the hybrid entity approach?
    But the OP needs to know that the threat of HIPAA claim isn't going to give her any bargaining leverage in dealing with the damage she did with her car. And she isn't going to make any money from pursuing such a claim.

  7. #17
    Join Date
    Oct 2014
    Posts
    8,149

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Quote Quoting PayrolGuy
    View Post
    That said, I'll bet the OP is wanting to know if she has something to bargain with over the damage she did because of the possible HIPAA violation.

    I don't think she does.
    The law does not give an individual a civil remedy for a HIPAA violation. The only recourse for a HIPAA violation is to complain to HHS about it. HHS has the power to fine the entity for the improper disclosure. But that doesn't help the OP with the damages from this incident. At least not directly. The OP might threaten to report the violation to HHS unless the OP gets a break on the compensation for the damages the OP caused if doing so would not amount to extortion/blackmail under Arizona law. Some states make that kind of threat a crime; others don't. I've not researched Arizona law on that. I'd suggest the OP consult an Arizona attorney about that before making such a threat. But even if the OP could do that without violating the law, whether the store would be intimidated by that threat is another matter.

  8. #18
    Join Date
    Jun 2006
    Location
    Massachusetts
    Posts
    24,495

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    EVEN IF we accept as gospel that the pharmacy is a part of the grocery store, that doesn't mean that the grocery store manager is covered under the HIPAA umbrella. Not unless the grocery store manager has a significant presence in the pharmacy itself.

    Put it this way; it's a lot more likely that there was a violation that that there wasn't.

    This is my ball park, kids. I get trained and certified and re-trained and re-certified on HIPAA once a year.

    I agree that it's not going to give her any leverage with regards to the car. That's totally beside the point and has nothing to do with whether a violation occurred.

  9. #19
    Join Date
    Sep 2018
    Location
    Ohio
    Posts
    427

    Default Re: Hippa and Unauthorized Copy of Drivers Licence

    Quote Quoting cbg
    View Post
    So - the manager of the grocery store was an employee of the pharmacy?
    That's what I was thinking after my first post. Was it the pharmacy manager or store manager?

    Quote Quoting Taxing Matters
    View Post
    The OP might threaten to report the violation to HHS unless the OP gets a break on the compensation for the damages the OP caused if doing so would not amount to extortion/blackmail under Arizona law. Some states make that kind of threat a crime; others don't. I've not researched Arizona law on that. I'd suggest the OP consult an Arizona attorney about that before making such a threat. But even if the OP could do that without violating the law, whether the store would be intimidated by that threat is another matter.
    In Ohio that is codified as Compounding a crime, so I searched the same for AZ law. Nothing seems to indicate it would be unlawful for her to bargain.

    13-2405. Compounding; classification

    A. A person commits compounding if such person knowingly accepts or agrees to accept any pecuniary benefit as consideration for:

    1. Refraining from seeking prosecution of an offense; or

    2. Refraining from reporting to law enforcement authorities the commission or suspected commission of any offense or information relating to the offense.

    B. Subsection A shall apply in all cases except those which are compromised by leave of court as provided by law.

    C. Compounding is a class 6 felony if the crime compounded is a felony. If the crime compounded is not a felony, compounding is a class 3 misdemeanor.

    Ohio has listed an Affirmitive defense, but there appears to be none for AZ, at least under that section.

    1. Sponsored Links
       

Page 2 of 2 FirstFirst 1 2

Similar Threads

  1. Suspension and Revocation: Drivers Licence Suspended Due to DMV Errors
    By MikeLedesma in forum Driver's Licenses
    Replies: 2
    Last Post: 11-05-2016, 08:25 AM
  2. Traffic Court Issues: Pulled Over for Speeding with Foreign Drivers Licence
    By Arlind Pajaziti in forum Moving Violations, Parking and Traffic Tickets
    Replies: 1
    Last Post: 10-23-2015, 12:12 PM
  3. Drivers Licence Renewal: Turning 21 in Pennsylvania
    By lnjenkins in forum Driver's Licenses
    Replies: 2
    Last Post: 01-16-2010, 10:31 AM
  4. Suspended Drivers Licence
    By maf6419 in forum Driver's Licenses
    Replies: 3
    Last Post: 02-21-2009, 01:56 PM
  5. Drivers Licence Revoked Permanantly in Florida
    By richiekw in forum Driver's Licenses
    Replies: 2
    Last Post: 02-18-2009, 02:47 PM
 
 
Sponsored Links

Legal Help, Information and Resources