Socially transmitted disease

A Cincinnati woman is using UC Medical Center after three of its employees allegedly posted a screen shot of her medical records for syphilis on a Facebook page called 'Team No Hoes' last fall.

This troubling story, authored and disseminated by the Associated Press, appeared in my local newspaper this morning. Those of us who work in healthcare and deal in protected health information (PHI) on a daily basis can only shake our heads in disgust at the woman who is alleged to have obtained PHI in order to defame another person. If indeed that is shown to have occurred, she should be liable for the damages that are awarded. But what about the hospital???

Disclaimers:

  • I am not a lawyer and cannot pretend that my coursework on legal issues in healthcare, or my years of handling similarly sensitive PHI, constitute bulletproof legal thinking.
  • I know only what is in the AP story, which does not appear to have picked up much embellishment in other news sources, with the single exception of the New York Daily News. There’s no assurance that the published pieces present all the facts of the case.
  • I’m a former colleague of the hospital administrator quoted in the story.

On to my take.

The plaintiff’s gambit is clearly to invoke a wide blanket of the respondeat superior doctrine, which holds an employer liable for torts committed by its employee in the course of his or her employment. Those who have studied health law are well familiar with the concept and its impact on healthcare organizations whose employees may act negligently while providing patient care or other medical services. Note that plaintiff’s attorney indicated the plan of attack by boasting, “They can’t hide behind a shield of, ‘This employee was acting outside of the scope of their responsibilities.’ If that’s going to be their defense at trial, I’m looking forward to the trial.”

His argument rests on the judicial consensus that when an employee is clocked in to work, at the workplace, and using the tools provided by the employer (in this case, computer and patient billing system), the employer is responsible for the bad actions of the employee. Broadly speaking, that’s correct.

But, as Lee Corso says, not so fast, my friend.

A little closer read of the bounds on scope of employment, with relation to an employee’s action, is that it must be performed “at least in part, by a purpose to serve the master” (Dobbs D, Keeton RE, Owen DG: Prosser and Keaton on Torts. Keeton WP (ed). St. Paul, West Publishing Co, 5th Ed, 1984, pp 501-502). When the defendant employee allegedly looked up the patient’s billing record at the instigation of the rather unsavory male sexual contact of both (I was going to say love interest, but I doubt there was much real love involved), the action cited cannot possibly be construed as one which even in part served the interests of the hospital. Not in any way.

If the UC Medical Center is held liable in this case—despite presenting (one assumes) the proper documentation that the employee was trained in responsible use of PHI, her agreement to follow the policies she willfully breached, and the appropriate audit trails, not to mention the fact that it fired her upon learning of her act—think of the chilling effect it could have on all manner of organizations in the medical services industry. People in billing departments, by definition, need to be able to access, well, billing records. How else does a hospital reasonably deter the scoundrel within its walls who is determined to steal information he or she is not entitled to see, much less cause to be plastered on a social media site?

I could, and perhaps may in the future, additionally weigh in on other themes in this story. For instance, it does not appear that the plaintiff denies that she indeed contracted an STD, just that the distribution of that fact on a Facebook group led to harassment and emotional distress. (Guessing the Walmart in Cincinnati was sold out of big-girl panties.) And what about Facebook itself? Maybe they should try to name Mark Zuckerberg in the lawsuit as well, since he was obviously complicit in allowing a group named “Team No Hoes” to exist on his company’s platform.

Bottom line: bad actors will behave badly, regardless of the avenues available to them. If you run me over with a Chevy, am I free to sue GM?

 

(picture retrieved from http://assets.nydailynews.com/polopoly_fs/1.1817389.1401923982!/img/httpImage/image.jpg_gen/derivatives/article_970/university-cincinnati-medical-center.jpg?enlarged)

 

Posted in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: