Lawsuit Brings Allegations of HIPAA Violation Against Prisma Health


A plaintiff filed suit against defendant Prisma Health and third party defendant RevMD Partners LLC on Monday in the District of South Carolina. The complaint for damages and injunctive relief cites violations of the Health Insurance Portability and Accountability Act (HIPAA) and the Fair Debt Collection Practices Act.

The complaint alleges that the defendants unlawfully disclosed the plaintiff’s protected health and personal identifiable information. HIPAA intends to protect the health information of individuals and ensure that any disclosure of that information only occurs in the appropriate circumstances, or when express written authorization is given from the owner of the information. HIPAA defines protected health information as any diagnoses, treatment information, medical tests results, prescription information, and mental health issues.

When receiving treatment from the defendant, the plaintiff said they were required to provide them with “sensitive, personal, and private information,” that is defined under HIPAA as protected health information. The information is then available to Prisma employees, which includes staff, entities, clinics, sites, and Prisma locations.

The plaintiff contends that her information was improperly disclosed to defendant RevMD without her expressed written consent.

The complaint cites negligence, negligence per se, breach of expressed contract, breach of implied contract, breach of fiduciary duty, and wrongful intrusion into privacy affairs/invasion of privacy. Hill is seeking a trial by jury, favorable judgment on each count, monetary civil penalties, pre- and post-judgment interest, litigation fees, and any other relief deemed proper by the court.