Northwestern Memorial Hospital recently found itself in hot water when a potentially volatile, internal, Protected Health Information (PHI) breach came to light. Dozens of employees were reportedly terminated for accessing the patient records of the television celebrity, Jussie Smollett, without proper authorization.

Jussie Smollett, an actor playing a role in the TV drama, Empire, was charged with filing a false police report in January detailing an alleged assault that took place on his way home from a Subway restaurant. Smollett was treated for minor injuries sustained in the alleged attack at Northwestern Memorial Hospital in Chicago.

Many of the employees claim that they were fired without due cause and assert that they were not searching for, or intending to access, Smollett’s records. Some were allegedly fired without being given the opportunity to tell their side of the events or for simply scrolling past the records. Even simply searching his name in the system, without having the appropriate authorization and a reason for doing so, was considered a breach of HIPAA regulations and warranted termination in some cases; these employees were breaking HIPAA’s Minimum Necessary Standard.

These allegations could potentially carry the weight of federal and criminal penalties. So, naturally, those employees who were dismissed without accessing his records are seeking to vindicate themselves as remaining in compliance with HIPAA and company policies. However, some admit to being overcome with curiosity despite denying actually opening the records in question. Regardless of their alleged innocence, Northwestern Memorial hospital will be forced to submit a report of the breach to the Department of Health and Human Services (DHHS).

Various outlets reached out to Northwestern Memorial for an official statement regarding the current situation regarding the terminated employees. A hospital representative responded to these requests for information by declining to comment; instead, citing HIPAA restrictions, and company policy, that forbade him from discussing any employee’s current employment status.

According to a nurse, who wished to remain anonymous, these terminations, which reportedly numbered as high as 50 individuals, according to information provided by NBC Chicago, were being carried out across multiple Northwestern hospital facilities throughout the Chicago area.

“Officially, we have been told that every employee involved in the breach of Mr. Smollett’s HIPAA information was terminated,” the nurse explained in the NBC article.

Northwestern Memorial hospital is now working to circumvent the threat of potential legal backlash if Mr. Smollett decides to sue for the inappropriate handling of his PHI. Understanding and learning how to best deal with, or avoid entirely, this exact scenario is what HIPAAgps is designed to do for businesses that require HIPAA compliance. Try our service for a 7-day, Risk-Free trial today.