Hospital records found on road

Partial patient records, payroll documents and other sensitive material from the Washington Hospital Center have been found scattered near the National Arboretum in Northeast, an apparent violation of federal privacy laws.

Employees of The Washington Times found the papers earlier this week, littering the service road off New York Avenue that links the newspaper’s property with the National Arboretum. The papers include employee time sheets, a hospital “income distribution report” with the names of 23 patients on March 28, patient identification numbers and room and bed charges. Payroll documents were from May.

“Our medical records themselves are very tightly guarded,” said Paula Faria, a spokeswoman for the hospital, located at 110 Irving St. NW. “This is not the kind of thing we ever want to see happen.”

Analysts of the federal Health Insurance Portability and Accountability Act call the incident a violation of federal privacy law, even though the patient billing records did not contain any information on medical conditions.

HIPAA is a sweeping set of federal rules designed to safeguard patient information, including billing records, and violations of the law can lead to civil fines of $100 to $25,000, or up to $250,000 for criminal violations.

“It would be far worse if the records showed patient conditions, but it’s not worse under the law,” said D’Arcy Gue, executive vice president of Maryland-based Phoenix Health Systems, a health care consulting firm.

“The law is very clear that billing information about people is private and is protected under the law,” she said.

Richard M. Campanelli, director of the federal Office for Civil Rights, which enforces HIPAA, declined to comment on the Washington Hospital Center records yesterday. But generally, he said, hospitals are required to comply with HIPAA, and billing records are considered private information under federal rules.

“Certainly, billing records … with a patient’s name are protected information,” Mr. Campanelli said.

Miss Faria said officials planned to investigate how the confidential patient records became littered on the side of the road.

“I don’t understand how it could have gotten there,” she said. “There are a million things that could have happened. It seems like somebody had it, then they lost it.”

“That being said, we want to figure out how the records got there,” Miss Faria said.

She said it’s possible that an employee brought a “mishmash” of work home with him or her, then misplaced the records.

“Speculation would be that it appears somebody took work home, so obviously it doesn’t appear to be something that somebody would have done purposefully.”

But Emily Stewart, policy analyst with the D.C.-based Health Privacy Project, said such records shouldn’t leave the hospital building with employees as “take home” work.

Story Continues →