Prime Healthcare Settles Suit

The hospital chain Prime Healthcare Services Inc. has finally agreed to settle a federal investigation into alleged violations of patient privacy. On June 11, 2013, the Ontario-based company stated that it would pay $275,000 to settle the suit. Prime Healthcare and a related nonprofit foundation are responsible for owning or operating 23 hospitals in California and four other states.


The case arose from allegations that Prime Healthcare and its Shasta Regional Medical Center in Redding violated patient confidentiality rights by sharing a woman’s medical files with journalists and sending an email about her treatment to nearly 800 hospital employees. This information was being disclosed in 2011, as Prime sought to undercut a Center for Investigative Reporting (CIR) story about aggressive Medicare billing practices.

Federal records showed that in two years, the hospital billed Medicare for treating for than 1,000 senior citizens for kwashiorkor, a form of malnutrition normally found among children during famines in sub-Saharan Africa.

Patient Darlene Courtois told CIR that she had been hospitalized for complications of diabetes, not malnutrition, and was never even told that she suffered from the ailment. In fact, she was overweight, not malnourished. Despite all this, federal records stated that the hospital received a $6,700 bonus payment from Medicare for Courtois’ kwashiorkor treatment.

For its violation, California regulators fined the hospital chain $95,000 back in 2012 for the unauthorized disclosure of medical information. The company has said that it would be appealing the state fine. “Shasta Regional Medical believes that disclosures, if any, were permitted under both federal and state law,” said company spokesman Edward Barrera. “Shasta Regional Medical Center is committed to the privacy of its patients.”

These privacy violations allegedly occurred when the hospital was attempting to respond to a story published by California Watch, a nonprofit news organization that featured patient Darlene Courtois and allegations that the hospital was overbilling Medicare. The alleged breach of patient confidentiality was revealed in January.

The state agency said that it issued an additional $3,100 in fines in the case, since the hospital failed to report the breach to the state and the patient in a timely manner. Furthermore, the Department of Public Health fined Prime Healthcare $25,000 because a Shasta hospital employee inappropriately accessed a co-worker’s medical files in January, while the person was being treated at that location.

Federal Court Findings

In the federal statement announced June 11, Prime Healthcare did not admit to any wrongdoing. The company and hospital reported that they “… firmly believe that they would have prevailed in this matter based upon the merits.”

A spokesperson for the federal Office for Civil Rights, which was responsible for investigating the matter, declined to comment in detail upon the settlement until the company made the $275,000 payment.

Prime also said that it continues to face another federal investigation into its billing and hopes that the situation “will be resolved in the near future.”

Last year, the company received a subpoena from the US Department of Justice “surrounding the coding and diagnosis of certain medical conditions at its California hospitals.” The company said that it had responded to the subpoena earlier this year, believing that its “practices have been consistent with all applicable laws.”


This article introduces the case against Prime Healthcare, an Ontario-based company that owns and operates hospitals in the United States. In 2012, the company was accused of violating patient privacy. On June 11, 2013, Prime Healthcare announced that it would pay $275,000 to settle the federal investigation.

CIPP Exam Preparation

In preparation for the Certified Information Privacy Professional/ (CIPP/United States), a privacy professional should be comfortable with topics related to this post, including:

  • Regulatory authorities (I.A.d.)
  • Incident response programs (I.C.c.)
  • Medical privacy (II.B.)

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>