This case involves a woman whose roommate accessed and shared her sensitive medical records without her consent. Leading up to the event, the woman and her roommate had gotten into a dispute. Because of this dispute, the roommate vengefully logged into the plaintiff’s online records using easily-ascertainable personal information and sent the medical records to the woman’s partner. The records contained information regarding the woman’s history of an incurable sexually transmitted disease which her partner was unaware of. It was alleged that the hospital was negligent in providing sufficient security barriers for accessing sensitive records. An expert in electronic health records was consulted to determine if the hospital was in violation of any regulations that may have forbidden certain information from being accessible online.
Question(s) For Expert Witness
1. Please briefly discuss your background with electronic health records.
2. Have you encountered a similar scenario in your practice? How are such cases typically prevented?
Expert Witness Response E-070077
I have been involved with electronic healthcare records (EHR) as an end user, analyst, and administrator for 30+ years. This covers the spectrum of EHR - configuration, support, technical components, and clinical workflows, among others. I have not encountered an external security breach but several internal security breaches at a hospital with individuals accessing medical records beyond their scope of practice - lab data, medical histories, and medications. For internal user access issues, different security access rights can be created to limit what a user can access. However, this doesn't stop someone with appropriate rights from looking at a patient they shouldn't be accessing. HIPAA privacy and security rules provide a framework that hospitals are held accountable to.
About the author
Victoria Negron
Victoria Negron has extensive experience in journalism and thought leadership in the legal space, with a background crafting content, whitepapers, webinars, and current event articles pertaining to the role of expert witnesses in complex litigation matters. She is a skilled professional specializing in B2B product marketing and content marketing. Currently, she serves as an Enterprise Product Marketing Manager at Postman, and previously held the position of Technical Product Marketing Manager at Palantir Technologies, where she developed her skills in launch strategies, go-to-market strategy, and competitive analysis.
Her expertise in content marketing was further refined during her tenure at the Expert Institute, where she progressed from a Marketing Writer to Senior Content Marketing Manager, and eventually to Associate Director of Content & Product Marketing. In these roles, she honed her abilities in digital marketing, SEO, content strategy, and thought leadership.
Educationally, Victoria holds a Master of Business Administration from the University of Florida - Warrington College of Business and a Bachelor of Arts in Literature, Art, and Hispanic Studies from Hamilton College. Her diverse educational background and professional experience have equipped her with a robust skill set in product marketing, content development, and strategic marketing initiatives.
