MKT 3610-W1 Fall 2014
16 November 2014
Ethical, Social, & Political Issues in E-commerce: Criminal Liability & HIPAA Criminal Liability is defined as the responsibility for any illegal behavior that causes harm or damage to someone or something.1 Criminal Liability just so happens to be the center of a case involving Andrea Smith from Trumann, Arkansas. Andrea Smith violated the Health Insurance Portability and Accountability Act, or HIPAA as most people know it.
Employers and individuals who have wrongfully accessed protected health information can face not only criminal consequences under HIPAA, but also prosecution under numerous other federal criminal laws.2 In this case, Andrea Smith intentionally violated Health Insurance Probability and Accountability Act regulations.
In the article by U.S. Department of Health & Human Services, Understanding Health Information Privacy, it briefly describes the way HIPAA works: “The HIPAA Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes. The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities and their business associates to use to assure the confidentiality, integrity, and availability of electronic protected health information.”3
This is also considered a white-collar crime. According to Wikipedia, typical white-collar crimes include: fraud, bribery, Ponzi schemes, insider trading, embezzlement, cybercrime, copyright infringement, money laundering, identity theft, and forgery.4 This particular case involved bribery, fraud, and cybercrime.
This case was prosecuted by the U.S. Attorney’s office in the Eastern District of Arkansas.5 It also proved to the public that there is an increased level of enforcement by the government of the criminal
sanctions controlled in the federal medical privacy law. Such sanctions are enclosed within the administrative simplification provisions of HIPAA.6
Andrea Smith was a licensed practical nurse who worked in a medical clinic, called Northeast Arkansas Clinic (NEAC), in Jonesboro, Arkansas. Smith purposely retrieved protected patient information illegally while working at the clinic, according to the indictment of the case. She accessed the protected health information from a medical record of an unidentified patient, who was a current patient at the clinic, on November 28, 2006.
After obtaining the personal medical records of the patient, Andrea later shared the information with her husband, Justin Smith, for personal gain. Her husband, in turn, called to inform the patient that very day that he was going to use the information against the patient in an “upcoming legal proceeding”.7 There was no specific information on the upcoming legal proceeding of the patient or vise versa between Andrea and Justin Smith. Andrea Smith openly shared protected private health information with her husband, who wasn’t an employee of the clinic, nor had a relationship with the patient to receive the information legally. Therefore, as a punishment, in December 2008 Andrea Smith was sentenced by the United States Attorney Eastern District of Arkansas’s office to probation and community service.8 Andrea Smith and her husband, Justin, violated the HIPAA administrative simplification act. They planned and conspired to wrongfully use and disclose the protected personal health information for personal gain and benefit. For doing so, on December 5, 2007, they were indicted on charges of conspiracy to violate, and commit substantive violations of, the HIPAA privacy provisions. In conjunction with a plea agreement with the United...
Bibliography: "Cambridge Dictionaries Online." Cambridge Dictionaries Online. Cambridge
Dimick, Chris. "Nurse Prosecuted over HIPAA Breach." Journal of Ahima. American
Health Information Management Association, 2014
Mondaq. Mondaq, 1994-2014. Web. 30 Apr. 2014.
Web. 30 Apr. 2014.
"Wikipedia." The Free Encyclopedia. Wikimedia Foundation, 24 Apr. 2014. Web. 30
Wood, Debra. "Nurse Pleads Guilty to HIPAA Violation." Nurse Zone. AMN
Please join StudyMode to read the full document