Michael J. Kline and Elizabeth G. Litten were quoted in the Medical Practice Compliance Alert article, "Loss of Patient Records Grounds for Denying Unemployment Benefits." Full text can be found in the September 15, 2014, issue, but a synopsis is noted below.
Having strong HIPAA policies can help keep an employer from having to pay unemployment benefits to an employee fired for losing protected health information (PHI), even if the records were not compromised.
A mental health center will avoid paying unemployment to a former employee who dropped a flash drive with PHI in the parking lot after a judge overruled the Minnesota Department of Employment and Economic Development, finding the employee engaged in misconduct by not protecting the information on the drive with a password in accordance with the company's policy.
But if a company is to single out an employee for harsher punishment, they may be liable for "all kinds" of discrimination and wrongful termination claims, cautions Elizabeth Litten.
According to Michael Kline, companies should always make sure that devices with PHI are password protected and ensure employees know the ramifications for violations.
"They need education (about HIPAA) and to sign forms acknowledging their understanding," said Kline.
Kline also cautions that companies should apply employment policies consistently.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.