The Ronald Reagan UCLA Medical Center has been fined $95,000 for a series of patient privacy breaches. Michael’s legal team discovered that his medical records had been improperly accessed after his death. It is not immediately apparent if those breaches were the subject of the $95,000 fine, or if that fine related to a different patient. The state report identified the person whose records were improperly viewed as a “deceased patient.”
The breaches began last June 30th, five days after Michael’s death at the Westwood hospital.
His legal team learned after his death that his medical records had been improperly accessed at Ronald Reagan UCLA Medical Center, according to a source close to the case.
The source, who asked not to be identified, said it was not clear whether the privacy breaches known to the Michael’s legal team were the same as those reported Thursday by state regulators, who have fined the prestigious hospital $95,000 for privacy violations, all related to the same patient’s records.
The state report identified the person whose records were improperly viewed as a “deceased patient.” UCLA spokeswoman Dale Tate declined to identify the patient involved or whether the patient was a celebrity. Officials at California’s Office of Health Information Integrity were still investigating the employees’ actions this week, spokesman Scott Murray said. They could potentially face criminal charges and financial penalties and they too declined to identify the patient.
Michael’s medical records were the subject of intense interest in the weeks following his unexpected death. In early July, The Times reported that unauthorised staff at the Los Angeles County coroner’s office had viewed Michael’s death certificate more than three-hundred times.
The hospital reported the first breach to the state August 5th after a medical school employee and an employee in the Department of Pathology and Medical Support Services were found to have accessed the patient’s records two days before. The medical school employee had even printed labels for laboratory tests that had been performed on the patient, according to the report.
Neither had any reason to access the records, the report states. On September 7th, hospital officials reported that they had discovered more violations of the same patient’s records by two contract workers with the hospital’s pathology billing service, according to the report. One accessed the patient’s records June 30th and July 9th, the other only on July 9th, the hospital reported.
In an interview with state investigators, hospital staff said they had spoken with the contract employees after the breach was discovered and that they “admitted inappropriate access, they were curious.”
All staff must now take and pass a compliance exam on patient privacy law. Extra audits will also take place to ensure patient’s privacy.