Doctor Breached HIPAA Privacy Rule with Alleged Social Media Retaliation

by | Mar 21, 2017

A medical physician at the Dr. O Medical and Wellness Center in San Antonio, Texas allegedly retaliated against a patient by posting a recorded video of the person wearing only underwear on Facebook and YouTube. The actions of the physician, which appear to be a clear contradiction to the HIPAA Privacy Rule, have led to her being sanctioned by the Texas Medical Board following an official complaint by the patient.

The patient, Clara Aragon-Delk, underwent a number of cosmetic surgery procedures from the beginning of 2015. Non-invasive laser treatments were carried out by Dr. Tinuade Olusegun-Gbadehan.  Official permission was provided by the patient to have photographs and videos taken. However, authorization was only given for ‘anonymous use for the purposes of medical audit, education, and promotion.’

The images and video showed full face shots of the patient. A video was posted to Olusegun-Gbadehan’s Facebook page without any attempt to protect the patient’s privacy by pixelating their face,

From the video, it seems that the patient was happy with the treatment, although around a month later the patient had changed her mind on this. The patient replied to the Facebook post stating “OK, I’ll make my Comment! Beware! Send me a personal message, and I’ll share my experience with this crap!”

There were subsequent email correspondence between the Dr. Olusegun-Gbadehan and the patient in which Aragon-Delk argues Dr. Olusegun-Gbadehan acted in an abusive and threatening manner towards her.

Aragon-Delk says Dr. Olusegun-Gbadehan said in one email between them that, “I will damage your professional and you will be humiliated!” Olusegun-Gbadehan also stated, others “will see your glowing testimonial and your body, enjoy your Hi-Def video. Enjoy as others will do the same.”

In the complaint made to the Texas Medical Board, the patient claimed she suffered burns during the first surgical procedure. She also claimed to have been overbilled for the treatment. In response to the overbilling, the patient contacted a payment processing company called Stripe regarding charges which she disputed.

The Texas Medical Board ruled that Dr. Olusegun-Gbadehan had violated the patient’s privacy and acted in an unprofessional manner and said the posting of the video was a HIPAA violation and was unprofessional. The Board also found that an email containing the link to a posting of the video that was sent to the patient in an unsecured format. This was also found to be a confidentiality breach and was unprofessional.

Dr. Olusegun-Gbadehan also distributed the video to the merchant processing company as a response to the billing dispute as evidence that the patient initially appeared to be happy with the treatment. However the Board found that this too was a violation of the patient’s privacy.

Dr. Olusegun-Gbadehan neither admits or denies the allegations, but she agreed to the Texas Medical Board’s order to avoid a contested hearing, according to the local press. The order requires the physcician to retake the Texas Medical Jurisprudence Examination within the next year.

While the matter would appear to have been settled between the parties , the patient has now sued Dr. Olusegun-Gbadehan seeking compensation for mental anguish, physical pain, and suffering. Patients cannot sue physicians for HIPAA violations as there is no private cause of action. Consequently, a health care liability claim has been made under state law, claiming the publication of the video and following correspondence via email were intended to damage the patient’s personal and professional reputation.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy