HIPAA Horror Stories

Negligent Naked Pics

one-minute read

Twelve patients sued a St. Louis, Missouri, plastic surgeon after discovering their pre- and post-surgery breasts were displayed, complete with their identities, on their physician’s website.

While the patients had provided written authorization for their images to be displayed, their identities were to to be protected, according to a St. Louis Post-Dispatch report.

The problem occured when the images were uploaded to the website. Dr. Michele Koo, allegedly, failed to rename the files or edit the image description text, which immediately became searchable from anywhere in the world.

Creating content on most medical practice websites is as easy as creating a Facebook post. Dr. Koo said she believed her patients were protected because her website was managed by Mednet, a company that specializes in medical websites. But as soon as the lawsuit was filed, that company distanced itself from their client.

In their 2011 lawsuits, patients claimed Dr. Koo was negligent in her use of their protected health information.

According to The Post-Dispatch story, Mednet blamed Koo for the privacy breach. “(Mednet) did not post, control, or influence the content.” The company also claimed legal immunity as a website host under the Communications Decency Act. One thing is clear, neither understood HIPAA.

A visit to Dr. Koo’s website still reveals before and after images, but the image file names appear to have been edited to protect patient identities.

The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Don’t become a HIPAA Horror Story! HIPAA compliance is easy, when you know the rules.

Request A Demo

Copyright © 2019 The ET&C Group LLC.
The HIPAA E-Tool® is a registered trademark of The ET&C Group LLC
Terms of Service | Privacy Policy

Free hipaa kit!

hipaa compliance Quick start kit
Delivered free