MUSC Health employee posted unauthorized photo of infant patient on social media

Charleston, S.C.-based MUSC Health recently notified the parent of an infant patient of a privacy breach in which an employee posted a photo of the baby on social media without parental consent, CBS affiliate WCSC reports.

As is required by law, MUSC Health notified Elizabeth Runge of the HIPAA breach in a letter explaining that a photo of her daughter had been posted online, with words written across her face. "Appropriate action was taken," the letter read, per WCSC, though the health system told Ms. Runge they could not legally give further details about those actions or the post in question.

In a statement sent to Becker's Hospital Review, Heather Woolwine, MUSC's public affairs and media relations director, said, "MUSC takes its commitment to protect the health information of its patients very seriously. … Although MUSC does not comment on individual HIPAA breach cases or personnel issues due to privacy and confidentiality laws, we can share that our Compliance Department conducts a thorough investigation of all reported potential breaches."

The statement noted that MUSC has reported a total of six social media-related privacy breaches in the past three years. Per Ms. Woolwine, "MUSC has a zero-tolerance policy for intentional and unauthorized HIPAA violations. Although MUSC must balance the privacy of its employees with the notification of the breach, we can say that MUSC has terminated employees for these kinds of HIPAA breaches in the past and will continue to do so."

More articles on cybersecurity:
14 healthcare privacy incidents in August
73 NCH Healthcare System employees fall victim to phishing attack
Mount Sinai alerts 33,000 patients of AMCA data breach

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months