Co-mingled records

From Clinfowiki
Jump to: navigation, search

The act of mixing the records belonging to one party with those of another party.[1]

An administrative law judge of the National Labor Relations Board ruled that an employee did not violate HIPAA regulations when he accessed other employees contact information to provide to a union representative. The employer had instructed all employees to enter their contact information into the same system where patient data was stored. The employer stated that placing the contact information in the same system would make it easy for anyone to be able to contact the employees for work related or personal reasons. One employee accessed the system and provided contact information of other employees to union representatives. The employer reported the incident to the Department of Health and Human Services, Office of Civil Rights as a HIPAA violation. The Board of General Consult and the administrative law judge concluded the employer’s co-mingling of employee and patient records and the established practice of using the employee information for non-work related reasons prohibited the defense of a HIPAA violation. Both contended accessing other employees contact information did not violate HIPAA confidentiality.[2]


  1. (n.d.) Commingle. Retrieved from
  2. Rocky Mountain Eye Center, P.C., Case #’s 19-CA-134567, 19-CA-137315 (Laws, ALJ) (May 6, 2015)