Michael Jackson's medical records at UCLA were improperly accessed, source says
Michael Jackson’s legal team learned after his death that his medical records had been improperly accessed at Ronald Reagan UCLA Medical Center, according to a source close to the case.
The source, who asked not to be identified, said it was not clear whether the privacy breaches known to the singer's legal team were the same as those reported Thursday by state regulators, who have fined the prestigious hospital $95,000 for privacy violations, all related to the same patient's records.
The state report identified the person whose records were improperly viewed as a "deceased patient."
The breaches began last June 30, five days after Michael Jackson's death at the Westwood hospital, where he was taken by ambulance from his rented mansion in Holmby Hills.
Farrah Fawcett, who died the same day as Jackson at St. John's Medical Center in Santa Monica, was a former UCLA patient whose medical files were breached while being treated for cancer at the facility.
UCLA spokeswoman Dale Tate declined to identify the patient involved or whether the patient was a celebrity.
In a statement, UCLA officials said they had made a "determined effort to train and test ... employees on patient privacy laws and implemented a wide range of safeguards to ensure patient confidentiality" over the last three years.
The $95,000 fine marked the latest in a series of privacy breaches at UCLA, where hospital officials have struggled to protect the medical information of its celebrity patients.
Hospital officials notified the patient’s family as soon as the breaches were discovered, Tate said. Their internal investigation found that no information had been sold, she said.
“There wasn’t anything they saw that was worth selling,” Tate said. “We have systems in place that put up barriers. You’re not authorized to look at certain things. You can only go so far.”
Officials at the state’s Office of Health Information Integrity were still investigating the employees' actions this week, spokesman Scott Murray said. They could potentially face criminal charges and financial penalties, he said.
California Department of Public Health officials declined to identify the UCLA patient or whether the person was well-known.
Kathleen Billingsley, deputy director of the department’s Center for Health Care Quality, said she does not view celebrities any differently than other patients when it comes to medical privacy.
“Medical privacy is a fundamental right,” Billingsley said. “Every Californian treated at a hospital should not have to worry about who is viewing their medical information.”
Jackson’s medical records were the subject of intense interest in the weeks following his unexpected death at age 50. In early July, The Times reported that unauthorized staff at the Los Angeles County coroner’s office had viewed the pop star's death certificate more than 300 times.
The hospital reported the first breach to the state Aug. 5 after a medical school employee and an employee in the Department of Pathology and Medical Support Services were found to have accessed the patient’s records two days before. The medical school employee had even printed labels for laboratory tests that had been performed on the patient, according to the report.
Neither had any reason to access the records, the report states.
On Sept. 7, hospital officials reported that they had discovered more violations of the same patient’s records by two contract workers with the hospital’s pathology billing service, according to the report. One accessed the patient’s records June 30 and July 9, the other only on July 9, the hospital reported.
In an interview with state investigators, hospital staff said they had spoken with the contract employees after the breach was discovered and that they “admitted inappropriate access, they were curious.”
The fines issued Thursday came under a state law enacted in 2008 after widely publicized violations of patient privacy at UCLA involving Fawcett, singer Britney Spears, California First Lady Maria Shriver and other celebrities.
UCLA officials said Thursday that in the wake of those problems all faculty, clinicians, nurses, students, residents and staff must take an pass a compliance exam on patient privacy law.
In addition, a "clinical information system being implemented provides an
enhanced level of restricted access based on user authentication and
role," Tate said. The medical center also has increased audits to ensure privacy is maintained, she said.
The issue of unauthorized people looking at the electronic records of celebrities has vexed the state. In 2009, California health regulators issued the first penalty under the privacy law, fining Kaiser Permanente's Bellflower hospital $437,500 for failing to prevent employees from snooping in the medical records of Nadya Suleman after she gave birth to octuplets.
-- Molly Hennessy-Fiske
Photo: Ronald Reagan UCLA Medical Center, top, has been fined $95,000 for violating patient privacy.
Credit: Los Angeles Times
Photo: People hold up Michael Jackson pictures, bottom, as reporters and spectators wait at UCLA Medical Plaza for a news conference about the singer's death last June 25.
Credit: Ann Johansson / Getty Images