The Washington Post

Who is protected by patient privacy laws? Hint: not patients.

It’s time once again to point out that privacy laws, with their vague standards and selective enforcement, are more likely to serve privilege than to protect privacy.  The latest to learn that lesson are patients mistreated by the Veterans Administration and the whistleblowers who sought to help them.  According to the Washington Post:

Citing patient privacy, managers have threatened VA employees or retaliated against those who complain about agency misconduct, according to a key congressman and the union that represents most of the department’s employees.

“VA routinely uses HIPAA as an excuse to punish into submission employees who dare to speak out,” said Rep. Jeff Miller (R-Fla.), chairman of the House Committee on Veterans’ Affairs. He is leading a probe into the coverup of long wait times for VA patients.

David Borer, the American Federation of Government Employees’ top lawyer, listed a number of cases involving a VA claim of patient privacy used to stifle whistleblowers in a June letter to the department.

The Office of Special Counsel (OSC), which investigates whistleblower retaliation cases, is “very concerned about the misuse of HIPAA,” said Eric Bachman, an OSC deputy special counsel. “The potential chilling effect of even a small number of these HIPAA retaliation cases is a serious issue and one that should be addressed by the VA in short order.”…

Valerie Riviello is one VA employee who felt the lash of the department’s culture of retaliation.

A registered nurse at the Albany Stratton VA Medical Center in Upstate New York, Riviello said she was threatened with suspension and stripped of managerial duties after she complained last November about how a veteran was treated.

Riviello said the vet was unnecessarily restrained, with an arm and leg strapped to bedposts.

“They scared the hell out of me,” Riviello said with worry clear in her voice. “They sent me a letter saying I could go to jail.”

That threat came in the form of an e-mail to Riviello’s lawyer, Cheri L. Cannon, a partner with the Tully Rinckey law firm. The VA e-mail said that information Riviello provided Cannon “unlawfully includes medical records of a VA patient” and noted that violating HIPAA “is a felony offense subject to imprisonment and a fine of up to $250,000.”

Misuse of privacy law is now so common that I’ve begun issuing annual awards for the worst offenders — the Privies.  The Veterans Administration has officially earned a nomination for a 2015 Privy under the category “We All Got To Serve Someone:  Worst Use of Privacy Law to Serve Power and Privilege.”  The Department is in good company; here are the 2014 nominees.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Video curated for you.
Next Story
Orin Kerr · July 18, 2014

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.