News & Resources

Firm News

Alyce C. Katayama, Michael A. Levey quoted in article “Doctor Is Arrested for Stealing Thousands of Patient Records”

Medical Practice Compliance Alert

Below is an excerpt:

It appears that NRAD acted appropriately once it discovered the breach, investigating it, reporting it to state and federal authorities and taking steps to protect patients as well as alleviating fears they may have, pointing out in its notification letter that there was low risk of compromise of the records. It also posted additional information on its website.

However, the practice was a victim of a security breach and now has to deal with the consequences, including the adverse publicity and any other fallout, such as the cost of reporting and risk of litigation. "There are significant penalties for breach even when a breach is not [the practice's] fault," says attorney Alyce Katayama with Quarles & Brady in Milwaukee.



The typical physician employment agreement specifies that the records are proprietary and owned by the practice, not the physician, and that the physician can't access them upon end of employment except in limited circumstances, according to attorney Michael Levey, also with Quarles and Brady in Milwaukee. 

Originally published in Medical Practice Compliance Alert, February 26, 2015