Azenith Smith reports:
A Monterey pot shop says the city illegally raided its clients’ private medical files. Now they’re looking to file a lawsuit.
“He opens up a HIPPA (sic) labeled file,” says Jhonrico Carrnshimba, a MyCaregiver director. “He sees a number of files in it at this point they should close the file. They shouldn’t have these files open.”
Okay, first, even assuming that the director is correct in everything he says, does HIPAA give a medical marijuana dispensary standing to sue for invasion of their clients’/patients’ privacy rights? Have I forgotten about some part of the statute?
[…]
But, Fred Cohn from the City of Monterey defends their actions.
“Medical marijuana establishments are not governed by HIPPA (sic),” says Cohn.
The city manager does not get to make the decision as to who is and who is not a HIPAA-covered entity. If medical marijuana use is legal in California (it is), and if a dispensary is accepting prescriptions in electronic format for medical marijuana or is filing for insurance reimbursement electronically, they would be a covered entity under HIPAA. At least that’s what HHS told me recently after I posed the question to them in another case.
But what if it’s not a legal medical marijuana dispensary? It’s not clear to me what California law says about medical marijuana dispensaries and I don’t know the background on this case as to why there was a court order that seemingly bars them from dispensing it. I looked at the court’s web site and found that it’s a civil case that goes back to February 2010, case ref GNM103860 , but the court does not have the complaint or documents available online.
“The only reason that those records were compromised is because they continued to operate illegally against the court order.”
He also said the inspection warrant gave them permission to search every part of the cooperative.
Certainly HIPAA-protected records can be accessed by law enforcement as we’ve seen in many other cases where law enforcement investigates Medicare/Medicaid fraud, so the city manager may be quite correct in his assertion on that.
MyCaregiver said 100 members are filing complaints with the U.S. Department Office of Civil Rights. They are also considering a lawsuit in federal court. Both are due back in Monterey County court on Thursday.
This could be an interesting case to follow, even though I doubt a complaint will do anything if the city had a warrant to search everything.
Read the full news story and watch the video on KION.