[ Monday, May 03, 2010 ]
Jeff [12:31 PM]
- Guest Blogger: Recently, I received an offer from Kitty Holman, who writes on the topics of Nursing Schools, to write a post for the HIPAA Blog. Below is her article, addressed specifically to nurses who are presented with HIPAA quandries. She welcomes your comments at her email, firstname.lastname@example.org.
Interpreting and Following HIPAA for Nurses
As a nurse, you will have constant access to your patients’ files and records, often even more so than doctors do, meaning it is absolutely necessary to be vigilant about potential HIPAA violations.
Some of the HIPAA breaches involving nurses have been committed through obvious carelessness, and these are the cases that are most easily avoidable. For example, who can forget the February 2009 case in which two Wisconsin nurses were fired after snapping photographs of a patient’s X-rays and allegedly posting them on Facebook? Even though the reasons behind the nurses’ picture-taking were innocuous (they were supposedly highly amused by the patient having an object lodged in his rectum), the nurses were clearly crossing the line.
There are other HIPAA breaches that are a little more difficult to pin down. Take the case very recently reported by AIS Health involving the medical records of a minor. A mom was so determined to view her child’s PHI involving substance abuse that she hired a lawyer to obtain a court order. The lawyer claimed that since the child was a college student, he was not yet “emancipated,” meaning that the mother had the right to look at the records. In this case, the lawyer was wrong.
As a nurse, you should be advised that just because concerned parents demand information, doesn’t mean that they have lawful access to it. If the child is a minor, but is being treated for STDs, pregnancy, substance abuse, etc., then in many states, the child must grant authorization to their parents to view their records. Different states have different laws, however, and you should be aware of your state’s specific regulations.
The AIS Health article cited above gives some great basic tips when it comes to dealing with the HIPAA and minors. If your state allows minors to control access to certain of their medical records, be aware that your employer may have special rules affecting that access. For example, an employer may have rules for employees who are also parents of patients. Since electronic records do not differentiate between a child’s treatment for the flu or for an STD, some employers require employees to follow the same formal access request requirements that would be applicable for parents who aren't employees. In other words, even though it's your child, follow the same path to access as you would if you weren't an employee. While the ultimate purpose of HIPAA is to protect patient privacy, sometimes the implementation of HIPAA by nurses can go too far, simply because they are not aware of the rules and they would rather deny PHI access to relatives than go through the trouble of determining whether or not the access constitutes an actual breach. The New York Times wrote an interesting article a few years back specifically about these cases in which medical practitioners used the HIPAA “excuse” to deny access to medical records.
At the end of the day, it’s important to be as educated on the specifics of HIPAA as possible so you won’t unintentionally breach the law, but also so you won’t misuse HIPAA, either. Balance is important, and discretion is imperative. For more information about HIPAA as it pertains to nursing, read this article published in the American Nurses Association’s Online Journal of Issues in Nursing.
Blogger: HIPAA Blog - Edit your Template