Story at a glance
- A woman has reported that the results of her test for sexually transmitted diseases were posted to Facebook after a worker at a California hospital gained access to her medical records, according to a complaint shared by her attorney.
- In February 2022, S.B. learned that a Facebook page impersonating her had been created. The page posted copies of S.B.’s private medical records — including evidence of STDs and other “embarrassing” details — on the public page.
- After she reached out to Facebook to take the page down, S.B.’s attorney says it took more than a month for the posts to be removed.
CONTRA COSTA COUNTY, Calif. (KRON) — A woman has reported that the results of her test for sexually transmitted diseases were posted to Facebook after a worker at a California hospital gained access to her medical records, according to a complaint shared by her attorney.
For privacy, the woman was identified by the initials S.B. Her attorney, Torin Dorros, alleges that an employee at the Contra Costa Regional Medical Center in Contra Costa County gained access to S.B.’s personal medical records and released the information without the patient’s consent, in violation of the Health Information Portability and Accountability Act (HIPAA).
In February 2022, S.B. learned that a Facebook page impersonating her had been created. The page posted copies of S.B.’s private medical records — including evidence of STDs and other “embarrassing” details — on the public page.
After she reached out to Facebook to take the page down, S.B.’s attorney says it took more than a month for the posts to be removed.
In a letter written to S.B. on May 30, 2022, the Contra Costa Health Plan confirmed that her private medical information, including test results, had been posted to social media. The letter also shared tips for how S.B. could protect her information in the future.
Dorros argues that the worker shared S.B.’s private medical information in “a fashion to try and harm and cause emotional distress, embarrassment, and other harm.” S.B.’s coworkers also reportedly saw her private medical information, and Dorros said this made her so uncomfortable she left the role, losing out on money earned.
According to the complaint, the employee responsible for this incident was a contract employee, and therefore not technically employed directly by Contra Costa County. However, Dorros argues that regardless of her employment status, the hospital is still at least partially liable for her actions against S.B.
Dorros said in a statement:
“Protected Health Information (“PHI”) privacy breaches or violations in and of themselves carry with them, or inflict, an enormous amount of harm, especially emotional trauma, simply based upon the inherently personal and often compromising nature of the private information revealed. Many of my clients over the years have indicated that their specific PHI privacy violation was one of the most traumatizing experiences in their lives. That is why I feel so strongly about this area.
As to this specific case, I generally refrain from providing the press a lot of detail at the early stages/pre-litigation as I do my very best to work with the providers to try to achieve a reasonable resolution without the need for court intervention. That of course is not always possible, but I do my best to achieve that goal. I can indicate that the Hospital’s counsel to date has been nothing but professional and courteous and I look forward to continue working with her and the Hospital / County to hopefully get the parties to a place of resolution.”
Nexstar’s KRON reached out to Monika Cooper with Contra Costa County Counsel’s Office for comment on the matter, but the message was not returned.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.