Need opinions from RN's for my Ethical Dilemma Assignment!

  1. 0
    So far, everyone has split opinions...

    "Jane works in the ED part time as a tech and goes to nursing school. She was working one day when a "once in a lifetime" patient came in with an issue that brought about a head scan that none of the doctors in the ED had seen to date in their 200+ years total of experience.
    Jane wanted to take a picture of the scan for educational purposes. She asked the very well respected doctor who was caring for the patient, who had also been the nursing director. The Physician agreed happily and told her to make sure the picture she took with her phone did not have any identifying features in it, and Jane did as instructed. There were no numbers or letters on the scan that would identify the patient.
    Jane was excited to share her great scan with her instructor who she trusted in the educational setting. She had not shown anyone, and in private, she showed her instructor while telling the instructor about what she had learned. In a very concerned tone of voice, the instructor said to delete it immediately and she had violated Hipaa."

    Did Jane violate Hipaa law? Or is this a grey area untouched by the law? Should Jane be taken out of nursing school?
  2. 5,809 Visits
    Find Similar Topics
  3. 22 Comments so far...

  4. 6
    i do believe hipaa was violated. reasoning is, in this case it was so unique a medical circumstance, that the identifier was the image. no names or account numbers were necessary, because the very uniqueness of the image will identify this patient. i don't think the area of the law is grey on this one.

    actually, this reminds me of a very recent case in which an aide took a photo of a patient's buttocks and posted them on facebook. i realize the student in the hypothetical situation didn't post them, but my point is the photo showed unique wounds that did identify the patient to the person(s) who viewed the fb page. aide fired, prosecuted, etc etc.

    should jane be taken out of school? no, not in my opinion. it's a learning opportunity; she believed she had the necessary permission because a doctor told her it was ok. her ignorance in this situation doesn't deserve explusion.

    just my opinions
    sharpeimom, VivaLasViejas, Meriwhen, and 3 others like this.
  5. 2
    OK- first, I am Canadian so am not familiar with HIPAA ( or is it HIPPA - sorry, I get confused)

    But -I would want to know - did Jane ask the pt's permission to take the picture? Why was a picture necessary? Could she just not discuss what the condition was and subesquent treatment? I feel that the technology of phones being able to take pictures has really invaded people's privacy. As someone with a rare medical condition I am fine with students learning more about the disease, but posting pictures is a little bit too invasive for me. I don't know who sees those pictures or what is being done with them.
    Once a picture is taken and sent to another person, we lose all control of that picture. I don't know if I want pictures of me or my medical condition being passed around randomly.
    lindarn and tokmom like this.
  6. 2
    Yes, I believe she violated hippa. Why did she need a picture of the scan? There is no reason a nurse needs to see pictures of the scan. That's the doctors business, not the nurse. No, she should not be expelled from nursing school, as this is a learning experience.
    JustBeachyNurse and lindarn like this.
  7. 4
    I actually disagree. I do not believe this was a HIPAA violation because there was no disclosure of protected health information.
    In order for HIPAA to have been violated, there must be sharing of personally identifiable information without the patient's consent. In this case, there were no identifiers on the picture, and the picture itself (since it does not identify the person) is not protected.

    OP, here is a very detailed explaination of wha HIPAA covers and does not cover. UC Berkeley Committee for Protection of Human Subjects
    You will see that the first section includes a list of the 18 personal identifiers covered under HIPAA. It does on to describe exactly what protected health information (PIH) is, and what it is not. I'll allow you to read it for yourself, but I've coped a few pertinent sentances below.


    List of 18 identifiers
    "1. Names;
    2. All geographical subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code, if according to the current publicly available data from the Bureau of the Census: (1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and (2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000.
    3. All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older;
    4. Phone numbers;
    5. Fax numbers;
    6. Electronic mail addresses;
    7. Social Security numbers;
    8. Medical record numbers;
    9. Health plan beneficiary numbers;
    10. Account numbers;
    11. Certificate/license numbers;
    12. Vehicle identifiers and serial numbers, including license plate numbers;
    13. Device identifiers and serial numbers;
    14. Web Universal Resource Locators (URLs);
    15. Internet Protocol (IP) address numbers;
    16. Biometric identifiers, including finger and voice prints;
    17. Full face photographic images and any comparable images; and
    18. Any other unique identifying number, characteristic, or code (note this does not mean the unique code assigned by the investigator to code the data)"


    "Also note, health information by itself without the 18 identifiers is not considered to be PHI. For example, a dataset of vital signs by themselves do not constitute protected health information. However, if the vital signs dataset includes medical record numbers, then the entire dataset must be protected since it contains an identifier. PHI is anything that can be used to identify an individual such as private information, facial images, fingerprints, and voiceprints. These can be associated with medical records, biological specimens, biometrics, data sets, as well as direct identifiers of the research subjects in clinical trials."
    In nursing school, we were allowed to copy information from the chart to work on our care plans at home as long as we did not copy down any identifying information, such as name or medical record number. This was not a HIPAA violation because the information could not be used to identify the patient.

    So, in short, unless the instructor could look at the picture of the scan and identify protected health information about the patient, it was not a HIPAA violation. The picture of the scan itself, with no protected health information, is not a violation.
    Last edit by Ashley, PICU RN on Apr 3, '12 : Reason: added information, changed paragraph spacing
    sharpeimom, GrnTea, ckh23, and 1 other like this.
  8. 0
    Quote from studentontheedge
    so far, everyone has split opinions...

    "jane works in the ed part time as a tech and goes to nursing school. she was working one day when a "once in a lifetime" patient came in with an issue that brought about a head scan that none of the doctors in the ed had seen to date in their 200+ years total of experience.
    jane wanted to take a picture of the scan for educational purposes. she asked the very well respected doctor who was caring for the patient, who had also been the nursing director. the physician agreed happily and told her to make sure the picture she took with her phone did not have any identifying features in it, and jane did as instructed. there were no numbers or letters on the scan that would identify the patient.
    jane was excited to share her great scan with her instructor who she trusted in the educational setting. she had not shown anyone, and in private, she showed her instructor while telling the instructor about what she had learned. in a very concerned tone of voice, the instructor said to delete it immediately and she had violated hipaa."

    did jane violate hipaa law? or is this a grey area untouched by the law? should jane be taken out of nursing school?
    to quote ashley from yesterday.......

    yes, it is a hipaa violation. hipaa requires patient consent for the release of identifiable information, including patient photography beyond the purposes of billing and treatment. patient photography, videotaping, and other imaging (updated)
    http://allnurses.com/general-nursing...744-page3.html

    yesterday's thread was another good hipaa thread.....http://allnurses.com/general-nursing...st-692744.html
  9. 0
    Quote from esme12
    to quote ashley from yesterday.......

    yes, it is a hipaa violation. hipaa requires patient consent for the release of identifiable information, including patient photography beyond the purposes of billing and treatment. patient photography, videotaping, and other imaging (updated)
    http://allnurses.com/general-nursing...744-page3.html

    yesterday's thread was another good hipaa thread.....http://allnurses.com/general-nursing...st-692744.html
    but it was a picture of a picture. did the patient sign consent for the mri/ct to be taken?

    im asking a legit question.
  10. 1
    I think there is a difference between taking a picture of someone's face (yesterday's thread) and taking a picture of a scan, such as an MRI scan or a CT scan that has no identifiable information.

    Here's a few similar examples:

    A patient has a very rare abnormal heart rhythm. I want to share it with my nursing class, so I get a copy of the EKG and cut out just the rhythm strip with no name or other information, just the strip. While that EKG strip may be unique to that one patient, the strip alone cannot be used to identify the patient, so it's not a HIPAA violation.

    Say I have a very rare brain tumor. Someone takes a picture of my MRI scan with no identifiable information, just the scan. This is not a HIPAA violation either because the image itself is not able to identify me. If someone on the bus has a copy of that scan and they see me sitting next to them they will have no way of knowing that the scan came from me.

    Full-face photographic images are protected under HIPAA as one of the 18 identifiers. Test results that contain none of the 18 identifiers are not considered protected health information and therefore not covered under HIPAA.
    GrnTea likes this.
  11. 0
    She probably should have gotten the pt's permission--but generally I don't think this was HIPAA violation if she removed all identifiers. In my mind, just having a 'unique' head CT, does not make it identifiable for a given pt--i.e. someone looking at the CT will not conclude "oh, that has to be Sally Smith." Also, several textbooks/journals have radiology images in them--what type of permission is required from the pt if an author want to put a radiology image in a book (for the record, I don't know the answer to the question, but if the pt gives permission, it is obviously not a HIPAA violation if identifiers are removed)?

    Not really related to the ethical question--why would a student in nursing school (not NP/CNRA,etc. school) feel the need to take a photo of the CT for the class? Would I find it interesting? Yeah, but I'm a dork like that. I can hear people from my nursing class right now: "This is dumb," "What am I looking at, and why do I need to see this?" "What a waste of time." Given the scope of nursing school, there is no real need to display this photo to class, and no reason for "Jane" to even put herself in the way of the HIPAA train.
  12. 1
    Nope. There are no patient identifiers. Besides there are millions of pictures used in various teaching and education. Just check out a M&M conference.
    GrnTea likes this.


Top