Pension & Benefits News Employee who viewed rival’s patient records was fired for HIPAA violation, not FMLA leave
Friday, January 25, 2019

Employee who viewed rival’s patient records was fired for HIPAA violation, not FMLA leave

By Pension and Benefits Editorial Staff

Granting summary judgment against FMLA interference and retaliation claims by a medical secretary, who was fired after computer records showed she repeatedly accessed patient records of a romantic rival in violation of hospital policy and HIPAA, a federal magistrate in Pennsylvania explained that the employee was granted all leave requested so could not show any prejudice from her supervisor’s alleged behavior in requiring recertification and questioning her need for leave. Nor could the employee raise a causal connection between her discharge and her use of FMLA leave, particularly considering the intervening event of her HIPAA violation.

FMLA leave. The employee was a medical secretary in a hospital cardiology practice. From 2008 through 2016, she was granted numerous periods of FMLA leave to care for her daughter, who has asthma. She was granted intermittent leave from February 2016 through Feb 2017, but in July she applied for recertification to take leave with greater frequency. The parties disputed whether a supervisor told her to apply because she was taking more than approved. Regardless, she was approved again. Meanwhile, the employee claimed her supervisor harassed her because of her leave, questioning how sick her daughter really was and asking for a doctor’s note for each absence, though policy didn’t require that.

HIPAA policies. Under the employer’s computer usage policy, as well as a HIPAA agreement signed by the employee and other healthcare workers, only those "directly involved with the patient’s care" can access the patient’s medical records and employees are prohibited from accessing programs, files, or documents without authorization. Both stated that violations could result in discipline, including termination.

Allegedly accessed records of romantic rival. Starting around June 2016, a former girlfriend of the employee’s husband allegedly started harassing her with phone calls, letters, and texts saying she was going to steal the employee’s husband, among other things. In September 2016, the former girlfriend, who was a patient of the hospital’s OBGYN practice, complained to the hospital that the employee must have accessed her medical records because she possessed information that she couldn’t have gotten any other way.

Fired for HIPAA violation. The employer investigated, and its audit showed the employee viewed the other woman’s medical records multiple times. The hospital’s chief compliance officer decided the employee should be terminated, though she first obtained approval from the labor relations group, from the HR director, and from the chief operating officer. The employee’s supervisor was not part of that decision.

No FMLA interference. The employee claimed the employer interfered with her FMLA rights by discouraging her from taking leave through her supervisor’s conduct of questioning her daughter’s illness, demanding doctor’s notes, and increasing her workload or otherwise giving her "a hard time." However, the court pointed out that her leave requests were granted "every single time," so she could not show that she was prejudiced by the alleged violations. Likewise, she showed no actual harm from the supervisor requiring her to recertify midway into approved leave. Summary judgment was therefore granted against her FMLA interference claim.

No retaliation. The FMLA retaliation claim also failed. For one thing, the six-week proximity between the employee’s last protected activity and her termination was not, by itself, enough to make a prima facie showing of unlawful animus. And though she said her supervisor gave her a hard time for using FMLA leave, it was undisputed the supervisor did not start the investigation leading to the employee’s termination. Instead, it was initiated by a manager in the OBGYN practice in response to a patient complaint of a possible HIPAA violation. And the decision to fire the employee was not made by the supervisor either. Furthermore, any inference of causation raised by her evidence was destroyed by the employee’s intervening misconduct in reviewing a patient’s medical records without authorization.

Even assuming the employee made a prima facie case, she could not show the legitimate reason for her discharge—her violation of privacy policies and HIPAA—was pretextual. Her sole argument was that the investigator failed to interview her, so the investigation was inadequate. However, computerized records proved beyond dispute that she accessed patient records multiple times in violation of HIPAA and hospital policies, which was a terminable offense. The investigator testified that, based on this, she found it unnecessary to interview the employee, and there was nothing inherently unbelievable about that testimony.

SOURCE: Hernandez v. Temple University Hospital, (E.D. Pa.), No. 17-4381, January 8, 2019.

Back to Top

Interested in submitting an article?

Submit your information to us today!

Learn More