Conway Medical Center is conducting an internal investigation into allegations of a severe mishandling of a patient’s private health information.
The allegations stem from a lawsuit recently filed against the hospital from a former employee who filed under the pseudonym Jane Doe to protect her identity.
While working as a registered nurse at the hospital, Doe’s supervisor improperly accessed her patient record, and then an executive manipulated internal data to hide that impropriety, the complaint states.
Conway Medical Center declined to comment on the litigation, but confirmed it is investigating the claims, according to spokeswoman Allyson Floyd.
“We have strict policies and procedures in place to uphold federal HIPAA laws and to ensure the security of our patients’ Protected Health Information,” she wrote in a statement.
Doe, who worked at CMC during April 2016-May 2018, was admitted to the hospital as a patient during November of 2017 related to skin issues and an altered mental state, which physicians negatively described as a potential psychiatric episode, according to the lawsuit.
Doe was involved in a child custody dispute at the time — she had been awarded custody temporarily — but in December of 2017, the attorney representing her child’s father sought her medical records. The court then reversed its decision, granting the father custody, based partly on those records, Doe alleges.
Suspicious of the proximity of the attorney’s request to her hospital visit, Doe requested an audit trail of her electronic health records to ensure no one improperly accessed them, the complaint states.
That audit trail report, provided in 2018 by Burt Haas, the hospital’s director of health information management, showed no improper access. But when Doe requested another audit trail report during 2023, the report showed thousands of data entry points from late 2017 that were missing from the initial audit report she received, according to the suit.
The new report showed that Doe’s nursing supervisor, Terri Pickens, had accessed her patient records of her November 2017 visits despite not being involved in her treatment or care, the complaint states.
Don Hanson, a litigation consultant with electronic health record expertise, reviewed the conflicting audit reports at Doe’s request and determined that Haas removed information from the 2018 report to obscure the fact that certain people, including Pickens, improperly accessed those records, according to an affidavit from Hanson.
“The distinct violation of Jane Doe’s (protected health information) is highly egregious,” Hanson wrote. “In my experience, there is no good faith basis for a Director of Health Information Management to manipulate and alter a patient’s audit report prior to producing it to the patient.”
Doe alleges details of her medical condition and treatment were also disclosed to members of the community.
Timothy McKissock, an attorney representing Doe, described the situation as “very unsettling,” and said one of his client’s primary purposes in filing this suit is ensure no other patients suffer similar wrongdoing.
Most Popular
Comments / 0