Monday, May 12, 2014

Shooting from the HIPAA

I recently completed my required Compliance Education which discussed all types of ways doctors can go to jail.

One issue that stood out was HIPAA violations (Health Insurance Portability and Accountability Act) in the modern digital era. Apparently, it wasn't just the doctor who treated Octomom that is in trouble-EIGHTEEN employees of the hospital where she delivered were fired as a result of improper access of her records. Even though, as it turned out, no information was fed to the media from these employees.

There was another case (I know, you can't believe that I actually read the pdf before answering the questions!) where a patient had a FB [foreign body] lodged up his rectum (you can imagine what the FB is) and multiple employees viewed the x-ray and some snapped cellphone pics of it and put it on their Facebook site. They too were fired.

There's two HIPAA issues here: Access and Distribution. Improper access of records is a violation. And in both situations this was violated by many employees. Distribution is not necessarily a HIPAA violation if no personal identifiers (see below) are used.

I just read this fascinating post, initiated by this question: "Are Doctors required to get patient permission to use unidentifiable x-rays, CTs, EKGs for medical education online?"

According to the article, the answer is...No.

This is based on the 18 indentifier criteria for Case Reports, to make them HIPAA compliant. They are listed in the above linked blog.

However, just because it isn't a HIPAA violation does not mean that it is not a fireable offense. I was discussing this issue with a Health Care Lawyer friend of mine who pointed out that the hospital owns all the records related to the patient. And even taking a cell phone picture is in violation of their intellectual property which can easily get you fired.

That may be your patient, but it is not your right to use that information, EVEN if you get permission from the patient to do so, or don't get permission but eliminate identifiers and have no HIPAA violation.

I would be very careful taking any images of anything related to any patient in a hospital or clinic that you personally do not own. And don't access a patient chart unless you have legitimate medical reasons to do so. If you want to use, academically, something of your patient's, don't assume you can do it because it is not a HIPAA violation. Ask your administration for permission.

It is better to be safe than sorry.

4 comments :

  1. I wish to convey my gratitude for your kindness for visitors who absolutely need assistance with that idea. Your real dedication to passing the message all over had been pretty practical and has without exception enabled associates much like me to realize their targets. Your own warm and friendly key points indicates a lot to me and extremely more to my mates. With thanks; from each one of us.  pengobatan alternatif kanker servik.dan.pengobatan alternatif kanker mulut rahim

    ReplyDelete
  2. Best Hair Transplant Turkey lets you to find the best quality-price hair restoration clinic in Turkey and Istanbul. All solutions about hair restoration

    ReplyDelete
  3. It’s very informative and you are obviously very knowledgeable in this area. You have opened my eyes to varying views on this topic with interesting and solid content. best weight loss product

    ReplyDelete
  4. I will not attempt to prove whether experience improves your outcome at the track. However, healthcare venture capitalists often use horse racing analogies when discussing ideal investments. These venture capitalists prefer to bet on the jockey versus the horse. Their logic, it's the people that drive the business. nurse jobs Dayton

    ReplyDelete