How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask Dimitry K., Esq. Your Own Question
Dimitry K., Esq.
Dimitry K., Esq., Attorney
Category: Legal
Satisfied Customers: 41221
Experience:  Multiple jurisdictions, specialize in business/contract disputes, estate creation and administration.
18572087
Type Your Legal Question Here...
Dimitry K., Esq. is online now
A new question is answered every 9 seconds

A dental office just open emailed my entire dental records

This answer was rated:

A dental office just open emailed my entire dental records after reading me the riot act of the privacy act. This ignorant act has just exposed all my dental records to include complete exrays to the entire world.
Thank you for your question. Please permit me to assist you with your concerns.

Good grief. To whom were those records emailed? I am assuming this was obviously done without your consent. Who exactly obtained the copies, do you know?
Customer: replied 3 years ago.


The records were requested to be sent via USPS (mail) in writing. The clerk sent them unprotected to me via open email. This makes them accessable to the entire globe.

Joey,

Thank you for your follow-up. You yourself were sent the documentation in violation of HIPAA. But nobody, at least directly or to your knowledge, intercepted the communication. If I understand correctly, then you did not suffer any immediate harm--you may potentially suffer harm in the future if that email was intercepted, but at least so far you have no proof or evidence that took place, merely a concern and anxiety on this matter. That gives you the ability to contact the US Dept of Health and Human Services and filing a grievance against the office for their violation. HIPAA itself does not grant victims a personal cause of action, meaning that the victim would need to go through the governmental complaint process to get recourse, or sue for invasion of privacy. Here, that suit is not yet possible because third parties, to your knowledge, did not receive this information. Should this information somehow get out, then you could also sue the dental office privately for invasion of privacy, identity theft, and any direct injuries or losses, financial or otherwise, that you would obtain from their improper disclosure.

Hope that helps.

Customer: replied 3 years ago.


Anyone entering my name on the internet can see anything (especially pictures) about me that has been sent openly over the net. This exposes my records globally.

Joey,

If this was sent via email, email communications are not openly searchable online. Email communication is considered to be private, so if an email was sent to you from the dental office, those contents and images would not be visible to a regular layperson. If this was openly shared, such as via programs such as 'Google Docs', then I can understand your concern and you would be absolutely correct, but an ostensibly private and direct communication remains private. If you can find those images online then of course my answer to you would change, but private email is just that--private. (I am aware of the NSA-Prism scandal but as that has not yet been proven or otherwise confirmed, my answer would not change since a regular person without a governmental clearance or authorization, provided those allegations are true, would still not be able to see your information).

Good luck.

Customer: replied 3 years ago.

Perhaps you can explain the HIPPA situation. A boss gets everything he wants about my medical condition without my permission and HIPPA states to me that unless the nurse admits on her own she violated the HIPPA there is nothing they can do. Is this just another farce of our "protected" systems?

Joey,

I would be happy to explain HIPAA regulations to you (one P, two As). HIPAA is only relevant to specific 'covered entities' that are defined in the law. Those entities are split into three general groups, health care providers (doctors, clinics, offices, pharmacies, etc..), health plans (insurers, HMOs, etc...), and health care clearinghouses (entities that perform work as third parties, for example billing). Your boss would not be under HIPAA unless he is in the medical field, so him receiving your documentation is not a crime or a violation that can be attributed to him. But the party who sent the information, the nurse, IS a health care provider and is therefore covered under the law. There is no requirement that the nurse admit anything, if you can show that the email was sent without your express waiver (meaning a written document showing that you permitted the information to be disseminated), it is a violation. I am not sure who told you that the nurse has to admit anything, the act itself is sufficient to show that someone violated your rights.

Good luck.

Customer: replied 3 years ago.


My apologies about the misunderstanding. Allow me to clarify. I went to the hospital where I worked with Panemonea (spelling). My boss went to the nurse and because they knew each other she told him everything despite my specific demand not to. I reported the incident to HIPPA and after a two week inquirery HIPPA stated Unless the nurse admits what she said I have no case.

Joey,

I see. That is indeed a violation. Did your boss admit that he obtained your information? You may want to escalate it to the nurse's DON and contact the state licensing board also to report this nurse. I agree that this is a bit of a 'he said/she said' situation where there may just not be enough for them to pursue, but I really do not see this as a situation that you should simply let go.

Good luck.

Dimitry K., Esq. and other Legal Specialists are ready to help you