By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Practice Pointers in the Wake of the Johns Hopkins Hospital Privacy Settlement
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Business > Hospital Administration > Practice Pointers in the Wake of the Johns Hopkins Hospital Privacy Settlement
Hospital AdministrationPolicy & Law

Practice Pointers in the Wake of the Johns Hopkins Hospital Privacy Settlement

David Harlow
David Harlow
Share
4 Min Read
SHARE

Report-on-patient-privacy

Report-on-patient-privacy
An OB/GYN at Johns Hopkins was fired last year after a colleague reported her suspicions about a “pen-like device” that was always around his neck, and that turned out to be a camera. He had secretly photographed 7,000 patients over ten years while conducting pelvic exams. Ten days later he committed suicide. Last month, the hospital agreed to settle the class action lawsuit brought by patients whose privacy had been violated for $190 million.

My advice to health care providers (Covered Entities under HIPAA) in a story in Report on Patient Privacy in light of this case recognized the fact that there is no way to protect an organization against a determined bad actor, but there are ways to limit the damage that may be wrought by such an individual. Photography is clinically appropriate in a wide variety of situations, but given the attention that this case has been getting nationally, Covered Entities would be well-advised to review photography and recording policies and their implementation, and be sure to explain them carefully to patients.

Here’s an excerpt from the piece with some of my specific advice:

  • Ensure consent is appropriately received. For example,“obtaining informed consent for use of photography or other recording devices should be standard in both the research and treatment contexts. In the research context, institutional review board approval should be required in advance as well. Policies should mandate the documentation of informed consent before any recording may be made.”
  • Make it easy to complain. “If there is a strong culture of compliance, generally, in a practice or institution, then reporting of violations or suspected violations of whatever sort, via an anonymous tip line or other mechanism, may be promoted and used.”
  • Look beyond policies and procedures. “I don’t care how carefully you have plotted out your privacy and security compliance plan,” Harlow says. “It has to be implemented by the people in your organization, and if they have not bought in to the whole concept and taken the core principles to heart, then the plan can never truly be operationalized.”
  • Customize your approach. Make it homegrown, and provide training and education “not just with respect to the ‘shalts’ and ‘shalt nots’ in the privacy rulebook.”
  • Foster patient empowerment and “patient-centeredness.” When this is done, “patients speak up immediately if something seems amiss rather than harboring misgivings.”

CEs should take care to employ methods that fit “with a broader culture of compliance and patient-centeredness and patient empowerment throughout the institution,” Harlow concludes. “Unless this is done, an institution runs a greater risk of experiencing a local or general breakdown in the realm of patient privacy.”

There has been no announcement to date of an OCR investigation in this matter. As in the case of the recent story about “baby wall” photographs of newborns, some commentators note that the photographs in question are not identifiable as photographs of specific individuals and therefore do not raise HIPAA issues.

The damage done in this case to the trust of thousands of women is likely to be felt for years, as many members of the class — as well as other women — are likely to avoid the health care system in the future and therefore to bear a heightened burden of disease.

TAGGED:HIPAApatient privacy
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5KFollowersLike
4.5KFollowersFollow
2.8KFollowersPin
136KSubscribersSubscribe

Latest News

Florida Nurses Face Growing Licensing Risks: Understanding the Investigation Process and How to Protect Your Career
Florida Nurses Face Growing Licensing Risks: Understanding the Investigation Process and How to Protect Your Career
Nursing Policy & Law
July 2, 2026
Most Clinician Wellness Programs Are Built for a Schedule Nurses Don't Have
Most Clinician Wellness Programs Are Built for a Schedule Nurses Don’t Have
Career Nursing
July 2, 2026
Veneers vs. Crowns vs. Bonding: Understanding Cosmetic Options
Veneers vs. Crowns vs. Bonding: Understanding Cosmetic Options
Dental health Specialties
June 23, 2026
dental implants
Dental Implants and Quality of Life: What the Outcomes Data Shows
Dental health Specialties
June 23, 2026

You Might also Like

medical malpractice
MedicarePolicy & Law

5 Things to Do If You Suspect Medical Malpractice

May 14, 2024
Emergency room visits
BusinessHospital AdministrationPolicy & LawPublic Health

Would You Call 911 for a Hangnail?

April 1, 2014

David Harlow Interviewed on Health 2.0 TV

June 14, 2012
Hospital Marketing, Business Objectives
BusinessHospital Administration

How to Align Your Hospital Marketing Plan with Your Business Objectives

September 6, 2014
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2026 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?