Submitted by SnooDucks3584 t3_10g5dca in Maine
[removed]
Comments
fridaycat t1_j517dm5 wrote
Exactly. I can't imagine 4 different employees violating HIPAA.
[deleted] t1_j51ckjt wrote
You’d be surprised how often it is violated in workplaces. Daily, several times.
Delicious_Rabbit4425 t1_j51kx6a wrote
This is so true. I work IT for a company that deals with HIPAA-protected information and the number of people casually discussing client information where people that have no business knowing can hear is absurd. The funny part is that those same people are the ones that complain that IT is invading their privacy (on company-owned devices)...
[deleted] t1_j51o2jx wrote
[deleted]
[deleted] t1_j51owpt wrote
You’re right, this particular scenario sure sounds like a willful and egregious violation which does separate it from the careless violations that are pretty frequent.
ThrillHouseofMirth t1_j52fl31 wrote
Because HIPAA is impossible to follow.
FolsomPrisonHues t1_j52l2hi wrote
Please tell me you're being sarcastic
ThrillHouseofMirth t1_j538tzt wrote
I'm not, HIPAA is terrible policy and has been for a while. You're free to continue to cry about it and join the bandwagon on trying to get random people fired.
FolsomPrisonHues t1_j55obbk wrote
Someone's got a chip on their shoulder. I work with CPNI and PII on a daily basis. It's not hard to keep private information private. Are you the subject of the post?
Coffee-FlavoredSweat t1_j522tiy wrote
Seems like 4 different people actually did that. At least 2 of them have been fired according to her Facebook posts, and she’s gunning for the others.
runner64 t1_j530j4y wrote
When I was in Acadia, the doctor went home for the night and there was no one to sign my release when my 16 hour hold was up. Three employees stood next to each other and lied to me saying that Maine had no rules about how long a patient could be held involuntarily. None of them would commit it to writing or even initial something I wrote indicating that I was understanding them correctly.
So yeah. Northern light employees will not only knowingly break the law but they will also happily lie to your face about it.
RNprn t1_j53ehzm wrote
IME, NL is strict about staff adhering to HIPAA laws.
runner64 t1_j52zjh6 wrote
I asked for a record of my file for two years before finally hiring a lawyer who had to literally subpoena them before they’d give me a copy which, ohbytheway, was missing relevant information and documents.
Standsaboxer t1_j51yag5 wrote
I've worked a bit in this space and while OP's friend has some evidence her data was accessed inappropriately, I've found that in most cases the person thinking their record was leaked actually just told people they should not have trusted about their health and that just got through the rumor mill.
ThrillHouseofMirth t1_j52gajd wrote
OP is just another person that thinks that if they're suffering for any reason somebody somewhere should get fired. Pretty typical way for people to think.
Guygan t1_j50prqa wrote
> I will put the link to all the information in the comments
[links to a TikTok.]
Lol. I’m really hoping it’s some person doing a “shuffle dance” all about medical privacy.
Standsaboxer t1_j50tivw wrote
You would be disappointed.
SnooDucks3584 OP t1_j50ym2l wrote
Did the tik tok not have the info or?
WildWook t1_j51by36 wrote
Lmao tiktok is a profoundly dumb way to do this. File a complaint with the police. HIPAA is law.
SnooDucks3584 OP t1_j51ci1e wrote
She’s tried all avenues. Bringing to social media was the last resort. This wouldn’t be here if it was actually getting handled
raynedanser t1_j51d89n wrote
What about locL news? The paper? Put them on blast!
SnooDucks3584 OP t1_j51dcy4 wrote
It will be airing on one news station soon
WildWook t1_j51du31 wrote
I dont understand, are you telling me the police told you it wasnt a crime and there was nothing they could do?
SnooDucks3584 OP t1_j51dz0v wrote
WildWook t1_j51e3im wrote
No. Feel free to type it out or not idc. Good luck
lucianbelew t1_j51y0ql wrote
Nobody has time for your video and TikTok is fucking cancer. Type out the information.
DidDunMegasploded t1_j522m0u wrote
Just type it in a note in the Notes app on your phone. Make a Facebook burner account and post it. Really, there are a ton of other avenues than TikToxic.
Seyword t1_j55c497 wrote
Why did you delete the post?
SnooDucks3584 OP t1_j55jcs9 wrote
I didn’t..?
Seyword t1_j55k3tu wrote
Your original post says it’s been removed
SnooDucks3584 OP t1_j55k857 wrote
That’s crazy it happened to the previous one I had made
SnooDucks3584 OP t1_j55kb4u wrote
Don’t worry I’m getting outta work early and I’m gunna write everything up instead of the videos. I’ll still link the videos too tho
ebai4556 t1_j51kwp4 wrote
Last resort…? You didnt try very hard theb
knupaddler t1_j516lqd wrote
not everyone can access tiktok
Delicious_Rabbit4425 t1_j51l6jw wrote
Concerned about privacy but loads to TikTok that has admitted to collecting user data and shipping it to China.
kjimdandy t1_j51n1hd wrote
Your friend needs to do the following things in this order:
- immediately file for a restraining order from the ex-boyfriend
- get a lawyer involved ASAP
- file a breach with HHS
Coffee-FlavoredSweat t1_j523bur wrote
Surprising, but she claims to have already contacted a lawyer (probably couldn’t afford the fees). She also complained to HHS, OCR, DOJ, and Joint Commission (whatever that is) and all of them said there was nothing to investigate, or it wasn’t their jurisdiction.
Kind of shitty, but it seems like the social media blitz is having effect; Northern Light is actually paying attention now.
IBOstro t1_j52jjaj wrote
There is a thing called a Protection From Abuse (PFA), and a court ordered No Contact order, but afaik there is no such thing as a restraining order.
I only mention it because this is what I found out when I went to try to get one a few years ago. You don't need a lawyer, just go to your local courthouse and ask for the form and a handbook that explains what each does. Wishing OP best of luck.
lipsticknic3 t1_j516szj wrote
This was just a couple days ago at PCHC. They wanted me to fill out a basic info form, it's yearly. One of the questions is your social security number.
I refused bc she had this pile of them that she was collecting, just... out. No folder, nothing. When I walked up she didn't put them away.
I know it's kind of minor but I also think it's major. Just treating people's PCI with no regards.
I'm afraid to report it bc I know PCHC will retaliate against me.
When I said something to her about this she had the look of someone who realized they fucked up. Idk. Idk if I'm making a big deal of it.
It just really put me off.
ETA I'm so, so sorry this happened to you. And they've got legal teams like crazy. Something similar happened to me and not only did pchc blame me but they pretty much wouldn't let me book apps for 6 months. I'm so sorry.
coolcalmaesop t1_j51nbw9 wrote
Hi- I just want to tell you that PCHC did retaliate against me years ago and to protect yourself.
I had left a negative google review (obviously with my name attached cause I was young and dumb) about a particular nurse practitioner without mentioning her name, and stopped seeing her altogether.
Over a year after I had stopping going to that clinic she accessed my records and made alterations that included removing my reason for seeing her (back pain that turned out to be the genetic autoimmune disease I kept telling her my father and his father have) and diagnosed me as a currently suicidal narcissist.
It sounds so fucking insane just typing this.
lipsticknic3 t1_j51o7b7 wrote
My jaw just freaking dropped. Are you kidding me?!?!? And I would not put it past them. Not for one moment. Holy shit. And then it's like anywhere you go, .... that's so incredibly damaging and fucked I. How did you find out about this? Holy crap. I'm so, so sorry this happened to you. And bc of a freaking Google review? That's terrifying.
coolcalmaesop t1_j51pndc wrote
I would have never known about it had I not accessed my records online to print and bring to a new specialist. I just looked in my email and still have the proof. I documented it all but I didn’t know what to do and it didn’t go anywhere.
Around the time I found out that she altered my records, I was a nanny and telling the housekeeper that cleaned for the people I nannied for about the incident because she was telling me about a nurse at PCHC who was sending her husband inappropriate Facebook messages after their visits. I almost fell out of my pants when I found out we were discussing the SAME FUCKING WOMAN.
You can access the states licensing website, and I found out that she has been disciplined for unprofessional conduct but is now practicing again in that area still. I want to share her name but I’m afraid mods will remove it.
biglymonies t1_j51nc4h wrote
> I'm afraid to report it bc I know PCHC will retaliate against me.
Retaliation is a huuuuge no-no and can result in the loss of license to practice as well as some really heavy fines. The regulatory bodies for healthcare providers in the state can and will absolutely fuck them up for this.
https://www.hhs.gov/hipaa/filing-a-complaint/complaint-process/index.html
What you took a photo of us a pretty clear violation of HIPAA - those documents, if they contain HIPAA-protected data (PII and the like) - are required to be in a folder with a cover sheet when not in use. Reconciling the sheets on clear display with actual physical copies by the investigatory body will take like two seconds, and they'll be at fault. The fact that you were able to snap a picture of those documents is absolute proof that a violation occurred.
Report it.
fastIamnot t1_j51fvle wrote
I skip my SSN. No way. I’ve never been questioned about it.
lipsticknic3 t1_j51n4av wrote
That's what's up. I was just absolutely horrified to see the lack of responsibility of this info being out on the desk. Realistically, could I read one of those numbers and memorize? Probably not. But the lack of... idk, ... those forms shouldn't have just been loose and out like that. Just makes me wonder where else they are loosely handling PCI. I've been wanting to leave PCHC for the past year and this was the bump I needed to start looking.
eljefino t1_j52x7hp wrote
I skip mine most of the time but filled it in once when I took my toddler to the ER. (I didn't want to be "difficult.")
Now that medical group auto-populates it for me. Great.
Twerks4Jesus t1_j51m3pq wrote
https://www.hhs.gov/hipaa/filing-a-complaint/index.html
What kind of health care worker are they specifically?
SnooDucks3584 OP t1_j51mfak wrote
Non licensed, bottom of totem pole
Twerks4Jesus t1_j51mns5 wrote
Yeah but what are their specific job titles? They must report to a person with a license. I would start there and report who ever is supervising them.
SnooDucks3584 OP t1_j51mr0f wrote
Not a bad idea
Twerks4Jesus t1_j51n2f4 wrote
What department was it? Were they pharmacy? nursing?
snowellechan77 t1_j51p1zu wrote
What exactly are you expecting random people to do?
MisterMan-Maine t1_j522y33 wrote
Attach bayonets
Little-Kid-Lover__ t1_j51t9lt wrote
Get there pitchforks out ofcourse
snowellechan77 t1_j51u0ds wrote
Their
SnooCats7847 t1_j515hmv wrote
Oh my god, that is so terrible. I’m sorry she had that experience. Totally reckless and unprofessional.
OriginalGordol t1_j522unf wrote
Your friend needs to file complaint(s) with HHS.Gov if they haven't yet already. And a restraining order against the ex.
EMMC, too far for me to recommend they move their care over to a MaineHealth hospital (I think Waldo County General is the closest in Belfast) (note: I work for MaineHealth and we take this kind of thing very seriously). St. Joseph's, part of Covenant Health, might be a good alternative.
IamSauerKraut t1_j517je6 wrote
Given the allegations within the post, this is a matter which should be referred to the DA's office with jurisdiction over the hospital or where your "friend" resides. If in 2 separate counties, send to both county DA's plus the state AG's office.
Standsaboxer t1_j51yi8j wrote
Except this isn't int the jurisdiction of any DA. Its a civil matter handled by the AG.
No one should follow any advice you give because its always wrong.
Definitelynotcal1gul t1_j520ibo wrote
When I worked at a health center we totally had this kind of thing audited. The company lawyer would review for any unauthorized access and she would fire people on the spot for violation of HIPAA.
It may be time for you to get lawyers involved.
SnooDucks3584 OP t1_j52ikxd wrote
I feel like everyone’s missing the point that it’s not just about her at this point. If it’s happening to her then how many of you is it happening to and you don’t even know! That’s alllll of your private information. Social security number, medications, diagnosis’s, notes in your chart, shit you’ve probably never told anyone but those people. You’re really okay with all of that?
Standsaboxer t1_j533ucc wrote
Your friend also said she’s spoken to a few lawyers and none of them are willing to take on the case.
I fee for your friend here but I feel like there is a lot of context we are missing here.
How/why is her ex sharing info over Tinder? That part makes no sense.
Mithryl_Ivy t1_j52xj4e wrote
I refuse to go to Northern Light. I’ll bleed out first. My primary doctor left practice when Northern Light took over. He called me into the office, told me what some of their practices were and to avoid them at all costs. I know of multiple lawsuits against them. And yet they keep growing in spreading across this state.
It is true what I’ve read in the comments. This does not just effect one person.
SnooDucks3584 OP t1_j532g21 wrote
Don’t forget to like and share the video! Everyone should know!
forcryeye t1_j515qif wrote
You need to be more public about these abuses. Post on FB, write to the Ellsworth American and apprise people that your privacy was violated by 4 employees "at a major local medical provider", advising people of their medical privacy rights under federal and state law. I was a Privacy Officer at that place, so I know for sure that these actions are listed under "causes for termination". Did they fire them? Can they 'guarantee' these 4 employees will never again have access to medical data? Find out if their commitment to employee discipline policy is greater that their commitment to patient medical privacy, and publicly report the results.
Unfortunately you can't sue for these kind of things. The only thing they can do is fire the 4 employees involved. You can in turn threaten to do harm to the hospital's reputation.
SnooDucks3584 OP t1_j51dm5q wrote
runner64 t1_j530ygz wrote
I’m on your side but at the same time this is, I think, the worst possible way this information could have been presented.
SnooDucks3584 OP t1_j531i3s wrote
The video I linked in the original post should explain everything. It would have been pretty much a book if I wrote everything out. Plus everyone always wants “prove” which idk if that matters lol what should matter is the fact that if you’ve gone there, there’s a chance someones discussed your information and doesn’t care
runner64 t1_j531znn wrote
I can’t hear well so what I’m seeing here is text on top of emojis on top of text on top of photos. I have absolutely no doubt that Northern Light did everything they’re being accused of but this is indecypherable and will do nothing to persuade people who didn’t already hate them.
SnooDucks3584 OP t1_j532dlh wrote
I’ll take the time to write up everything from the videos and link it to this original post.
Dubluck88 t1_j526xna wrote
If the employees are licensed health professionals, report them to their licensing agency. If they're employees that work under the direct supervision of licensed health professionals, still report them. Get their attention and hold them accountable.
[deleted] t1_j52g4vl wrote
[deleted]
SnooDucks3584 OP t1_j51dj9q wrote
Coffee-FlavoredSweat t1_j525g5v wrote
I know your friend says she’s already called a lawyer and gotten nowhere, but I think she needs to call another one.
She can’t sue for HIPAA violations, because there’s no cause of action in the law that allows for it. But she can sue for other torts like breach of confidentially.
This is a strikingly similar situation where the victim tried to sue for HIPAA violations and lost their original case, but then changed it to breach of confidentially on appeal and was awarded almost a million dollars.
MathematicianGlum880 t1_j5116qp wrote
Yet, my oldest wife isn’t allowed to look at his records EVER and she works in the medical field. Something wrong with this picture. She needs to get Protective from abuse papers.
Standsaboxer t1_j516drc wrote
> Yet, my oldest wife
How many wives do you have?
>isn’t allowed to look at his records EVER and she works in the medical field
You can absolutely request a copy of your medical records. Usually this has to go through the records department and falls into a queue with other requests. Lot's of health care employers require that you go through this process to request your records and not look yourself up in their EMR (others have no problem with it).
SaberToothGerbil t1_j51dfxa wrote
It sounds like they were referring to their oldest child's wife not being allowed to look up family records she has access to through her job, as you say they likely require them to go through the formal process.
Standsaboxer t1_j51e5ta wrote
I figured it would be something silly like that. Just one of those things that I couldnt reconcile.
Majestic-Feedback541 t1_j51no5d wrote
I'm going to imagine you mean your oldest brother's wife? Or oldest child's wife.
MathematicianGlum880 t1_j52bd2e wrote
Yes..thank you.
SnooDucks3584 OP t1_j51d7r8 wrote
For everyone that wants to see that she’s tried all sorts of avenues before social media. She’s got updates on here. I will also be posting the photos that are within the videostried everything else
SnooDucks3584 OP t1_j50msba wrote
Standsaboxer t1_j50rzyy wrote
Your friend should file a claim with the Office of Civil Rights.
It sounds very unfortunate but I am not sure what sort of “justice” you are wanting here. These get-your-pitchforks post tend to end very badly for anyone innocently involved with the guilty party.
metalandmeeples t1_j50wmid wrote
The friend should get a lawyer if they don't already have one.
Standsaboxer t1_j50yal0 wrote
They should but it won't help with the HIPAA violation. HIPAA does not allow for private action.
metalandmeeples t1_j50za3w wrote
Not for the purpose of a lawsuit, but rather to assist with proving if HIPAA compliance was broken.
Standsaboxer t1_j511ag6 wrote
If you watch the linked TikTok, Northern Light Health did an audit and found a couple of accesses that may have been less than legitimate, but its really unclear if these people are connected to OP's "friend's" ex. It also seems like all offending parties no longer work for Northern Light.
metalandmeeples t1_j512d98 wrote
I guess my point is sort of in agreement with you. We aren't the experts here and none of our opinions really matter in the end.
IamSauerKraut t1_j518zlr wrote
While HIPAA does not allow private lawsuits against the health provider there is no prohibition against pursuing damages for violations of privacy or device access laws (these are not part of HIPPA).
Standsaboxer t1_j51a9px wrote
Please show me in the below statute where this is qualifies as violation of privacy:
https://www.mainelegislature.org/legis/statutes/17-a/title17-asec511.html
Also what "device access laws" are you referring to? Or is this going to be another exercise in reminding you how poor your understanding of the law is?
IamSauerKraut t1_j51e60b wrote
LOL.
Is this you? https://www.notguiltyattorneys.com/maine-computer-crimes-and-the-laws/
Standsaboxer t1_j51ef3y wrote
I wish I made lawyer money but nope.
IamSauerKraut t1_j517zv9 wrote
>Your friend should file a claim with the Office of Civil Rights.
A number of agencies, state and federal, have an "Office of Civil Rights," but I'm not sure what civil right would be involved. Releasing medical info to members of the public as alleged appears more of a criminal act subject to investigation/prosecution but the county DA or the state AG's offices.
Standsaboxer t1_j518qrw wrote
> A number of agencies, state and federal, have an "Office of Civil Rights," but I'm not sure what civil right would be involved.
HHS Civil Rights. Sorry--I should have clarified that.
> Releasing medical info to members of the public as alleged appears more of a criminal act subject to investigation/prosecution but the county DA or the state AG's offices.
Is there a statute supporting that? My understanding is that handling of health information is entirely in civil law.
IamSauerKraut t1_j51acad wrote
>My understanding is that handling of health information is entirely in civil law.
HIPAA is not the only law covering the release of prohibited (non-public) records. HIPAA is federal. State law appears more at issue, particularly device access. Some prosecutor's offices will pursue; others, not so much.
Standsaboxer t1_j51fcqp wrote
The statute AG's office can bring civil action against the individual. County DA's don't have jurisdiction.
Also please provide some reference to "device access laws" you keep talking about unless you are pulling that out of your ass.
ragtopponygirl t1_j52krgi wrote
I'm a big Simon and Garfunkel fan too!
IamSauerKraut t1_j52xhlk wrote
Since you don't "make lawyer money," I have my doubts as to your understanding of anything I post.
Standsaboxer t1_j52z1iw wrote
Anytime you wanna prove me wrong with statutory references I am willing to listen. Otherwise I assume everything you say I assume is to tickle the feels before reals per of your brain.
IamSauerKraut t1_j52zc77 wrote
When you go into a courtroom, do you confuse mens rea with diarrhea?
Standsaboxer t1_j5320vk wrote
What?
IamSauerKraut t1_j53cax4 wrote
You've never been in a courtroom or you do not know what a courtroom is, but you presume to lecture me on the law. huh
Standsaboxer t1_j54nm6q wrote
You don’t even know the difference between criminal and civil jurisdiction.
IamSauerKraut t1_j554nty wrote
You don't know what I know.
Lostnumber07 t1_j50x09r wrote
Your post history looks like everyone you know is in trouble or medically getting jacked over.
Standsaboxer t1_j50zlqi wrote
OP also accused the mods of working for Northern Light Health.
There seems some truth--I watched the TikTok video and it does show a letter verifying that OP's "friend" had some people access PHI in less-than-legitimate circumstances. That being said I have some experience in this area and almost always its the patient oversharing their own information to people they shouldn't trust.
I also don't know what sort of "justice" OP wants here. It seems like all offending parties no longer work for Northern Light.
Jakelshark t1_j5163lh wrote
To sue for emotional distress allegedly caused by HIPPA violations? That's the best I got... But I'm not sure how liable they would be.
Standsaboxer t1_j517t4b wrote
You actually can't sue for HIPAA breaches. HIPAA states that you have to file a complaint with the HHS Office of Civil Rights and they access if a HIPAA breach occurred and they will fine the health care entity if they determine it happened.
The person with the TikTok said she has been to several lawyers and they have all turned her down.
Jakelshark t1_j51j56o wrote
I'm sure that's true. I just meant suing in civil court in general for emotional damages stemming from HIPAA violations which enabled a stalker. It's not suing for the breaches, it's suing for the damage caused by the breach. But also it seems like an uphill legal fight when the hospital seems to have dismissed all the violators. (And that's assuming the stalker has a police record, restraining orders, etc)
SnooDucks3584 OP t1_j517iov wrote
Two of the four were let go as far as we’ve been notified but you need to understand this is ongoing since 2021 and they JUST got fired
Standsaboxer t1_j5185df wrote
Do you want the other two fired?
SnooDucks3584 OP t1_j518goo wrote
Of course it’s disgusting they haven’t been yet
Standsaboxer t1_j519159 wrote
Are those the two that aren't outwardly connected to your "friend's" ex?
SnooDucks3584 OP t1_j51a6lf wrote
They won’t share the other two peoples names because… HIPAA…
Standsaboxer t1_j51alhi wrote
HIPAA does not protect employee records.
SnooDucks3584 OP t1_j51at80 wrote
Tell the hospital that 😂 that’s what they told her
DidDunMegasploded t1_j522ptw wrote
Time to send the r/thathappened hounds to investigate.
DivineAuroraKiss t1_j512gl7 wrote
Your friend needs to ask for a record of their file. They may have filled out a release form at one point giving their said boyfriend (now ex boyfriend) access to their records and never asked for the ex to be remove.