She viewed the record for just 18 seconds – her supervisor pushed for leniency, but HR held firm
An Ohio hospital fired a social worker for accessing patient records to report a coworker's HIPAA violation – and an appeals court said that was fine.
In a decision handed down on April 24, 2026, the First Appellate District of Ohio affirmed summary judgment in favor of UC Health, LLC, finding the healthcare system had an overriding business justification for terminating Danielle Drake, a social worker in its emergency department, after she accessed a patient's protected health information without authorization. The case lands squarely in a gray zone that HR leaders in regulated industries know well: what happens when an employee breaks one rule while trying to enforce another?
Drake had worked in UC Health's emergency department since 2014. On December 8, 2023, she overheard a coworker on the phone with a patient's family member and believed the coworker was disclosing the patient's protected health information in violation of HIPAA. UC Health offered several ways for employees to report suspected violations, including a hotline, an email address, a reporting form known as MIDAS, and direct reports to a manager. Drake said she could not complete the MIDAS form because she did not know the patient's name. Compliance records later showed that on the same day, she pulled up a patient floor list for a floor of the hospital she was not working on and viewed the patient's identity...
We respect your privacy Telewizja Polska S.A. w likwidacji processes your personal data collected when you visit individual websites on the tvp.pl Portal (hereinafter referred to as the Portal), i...