Skip to content Skip to navigation

UC Medical Center Sued After Patient’s PHI Was Posted on Facebook

June 12, 2014
by Rajiv Leventhal
| Reprints

A woman has filed a lawsuit against the University of Cincinnati Medical Center after her medical record was allegedly posted to Facebook by her ex-boyfriend after he obtained the information from a hospital employee, according to an AP story run in the Columbus Dispatch.

The 20-year-old Cincinnati, Ohio woman, who recently filed the lawsuit in Hamilton County court, said that the events of the case were set in motion in September, when she refused to tell her ex-boyfriend why she was being treated at the University of Cincinnati Medical Center. The medical record posted on Facebook allegedly revealed her name and a syphilis diagnosis.

Her ex-boyfriend, identified as Raphael Bradley, 28, then contacted another woman he was romantically involved with who worked at the hospital, according to the lawsuit. That woman, identified as Ryan Rawls, looked up the woman’s medical record and gave it to Bradley, which was then posted to a Facebook page about allegedly promiscuous women, the lawsuit said.

The lawsuit seeks a minimum of $25,000, saying that since the Facebook post, the woman has lost friends, been harassed about her medical condition and has suffered extreme emotional distress.

In a statement responding to the lawsuit, UC Medical Center president and CEO Lee Ann Liska said that “the investigation revealed that the record had been accessed by a financial services employee who did not have a business reason to do so. This employee had been fully trained and acknowledged her responsibilities under law and UC Health policy, but apparently accessed the billing record through a personal motivation. The individual’s employment was terminated, and we reported the incident to federal authorities.”

Liska went on to say that no other employee was determined to have inappropriately accessed the record. “We are outraged that anyone might misuse a position with UC Health to attempt to embarrass or cause harm to another person. This is contrary to our ethic and the training we provide to our associates, and we took immediate action as a result. The allegations in the recent lawsuit are isolated to the people named in the lawsuit, and by no means reflect the conduct of UC Medical Center associates…”



somebody who posted PHI ( ) on Facebook is not too bright...


CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.

Center of Excellence in Genomic Science to be Established in Chicago

The National Human Genome Research Institute has awarded $10.6 million over five years for the establishment of a new research center in Chicago to advance genomic science.

EHNAC and HITRUST Combine HIPAA Security Criteria, CSF Framework

The Electronic Healthcare Network Accreditation Commission (EHNAC) and the Health Information Trust Alliance (HITRUST) announced plans to streamline their accreditation and certification programs.

Halamka on MACRA Final Rule: “CMS is Listening and I Thank Them”

Health IT notable expert John Halamka, M.D., CIO of Beth Israel Deaconess Medical Center in Boston, recently weighed in on the Medicare Access and CHIP Reauthorization Act (MACRA) final rule.

Texas Patient Care Clinic Hit with Ransomware Attack

Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.