Student HIPAA violation question
- 0Feb 6, '13 by studntIn my externship at a large clinic. I needed to have my immunizations up-to-date. I was told my MMR was not and could not be found anywhere in the registry. I had my blood drawn at another clinic to see if I was immune. They called and said I was immune to Measles and Mumps, but not Rubella. I got two phone calls from the clinic and one stated my partial immunity and the other wanting me to call the clinic back. I did not know why. By this time, the clinic was closed for the day.
The next day I looked up my own chart at my externship site to see what it said. I needed to get the information to my school so they had it on file or I knew I could be pulled from my externship site.
If I was indeed immune to Rubella, I knew I didn't need to get any further testing or blood draws, as I had an appt. made for an MMR injection with my pcp that same day. I would then just need to request a copy of it for my school.
It said I was not immune so I figured I needed the MMR injection. I did not look around in the chart for anything else. Just to find out this information, nor did I share the information with anyone or share anyone else's I have access to. I did not know I should not have looked up my own. I mentioned to my pcp's CMA at the injection appt. (this was after I had looked in the chart earlier that day) that I could just look up the info myself once my results were in and she said, "No. Don't ever do that!" I am scared the clinic will file a complaint and I will be fined. Is this a violation if I didn't know?
I have a sinking feeling I will be looking for a new degree. Is this violation something that will keep me from getting hired anywhere in the medical field now? Help. I feel like I have let myself down and my whole family down. All that schooling was for nothing if I get pulled and don't get the degree. Not to mention, will still have to pay for it.Last edit by studnt on Feb 6, '13 : Reason: Clarification
Poll: Should I be pulled from my site?13 Votes
- 2Feb 6, '13 by rumwynnieRNThat's actually something I never understood. Every institution is different, and where I've done clinical, you need to have permission to view your own chart. I think it's silly that the only person's privacy I would be violating is my own -- and I'm not about to sue myself. The argument I've been given is it's the hospital chart. Eh, whatever. Note to self -- keep doing what you've been doing and don't look at your chart.
That said, I don't know how your site will react to this. Technically you violated privacy and the institution's rules, but as you're still a student. On the scale of dumb **** students have done (...LIKE TAKE THEIR CELLPHONES INTO THE OR, seriously...?!), this just seems ridiculous because the patient in question is you. I don't know if that's how your externship site will take it, but I would try apologizing and explaining you didn't know. Offer to take a HIPAA remediation course. This may not allow you to keep your position, but it's a place to start.
- 5Feb 6, '13 by mariebailey, MSN, RNNo, it's not a HIPAA violation. It may have violated your organization's policy, but not HIPAA. There is no need to look for a new degree; you did nothing to warrant it. Consider fessing up, & acknowledge you weren't aware of any policy against looking up your own records. Good luck.
- 0Feb 6, '13 by studntThanks for helping put my mind at ease somewhat. I don't think they will take it well. That is why I was worried in the first place. They are a pretty big institution and have a zero tolerance for most things it seems. I will think about coming clean with the nursing supervisor in the morning. That may help or hinder. I guess I will find out.
- 1Feb 6, '13 by rumwynnieRNQuote from studntSince this is an externship and not clinical, I wouldn't worry about it too much. Yeah it sucks you may have lost the opportunity, but you live and learn. If that was the case that you screwed up in nursing over something like this (like no one else was hurt but you), there would be fewer nurses now.Thanks for helping put my mind at ease somewhat. I don't think they will take it well. That is why I was worried in the first place. They are a pretty big institution and have a zero tolerance for most things it seems. I will think about coming clean with the nursing supervisor in the morning. That may help or hinder. I guess I will find out.
- 1Feb 6, '13 by Esme12, BSN, RN Senior ModeratorWelcome to AN! The largest online nursing community!
Technically, it is NOT a HIPAA violation to look up your own information....for it is your information. But some facilities attach the word HIPAA to their policy to ensure the seriousness of violating their policy. Some facilities are very serious about this and they may remove you from their site.......if you were employed it is considered by some facilities to be grounds for immediate terminal.
I am sorry you are going through this ((HUGS)) .......but during orientation nad you sign that you agree and have read their policies and privacy/confidentiality agreement....it's serious business.
I moved your post to the HIPAA challenges for best response.
I wish you the best.
- 1Feb 7, '13 by nurse2033Agree with mariebaily, according to HIPAA the patient has the right to access to their records. But most places have POLICIES that forbid you to go into a chart that you are not providing care for. You might get into trouble at the site, but not with Uncle Sam. In the future just go through channels. Good luck.
- 0Feb 7, '13 by Meriwhen, ASN, BSN, RN Senior ModeratorEven though it's your own PHI, you still need to follow facility P&P in order to access it. Just because you work there/have access to the records doesn't mean you have carte blanche to look up your info whenever you want.
So HIPAA violation: technically, no. Facility P&P violation: probably...and unfortunately, violating a facility's P&P can get you in just as much trouble.
I hope it all works out for you. Best of luck!
- 2Feb 7, '13 by GrnTea, BSN, MSN, RNFacilities can get hit with amazingly heavy fines for HIPAA violations, which is one reason they care so much. This, however, is not a HIPAA violation, because it does not involve release of PHI (private health information) to someone who is not authorized to have it. You are authorized to know your own immunization records.
To be honest, the only reason I can think of for hospitals to forbid employees from accessing their own records is because it's a waste of work time, like making personal phone calls. But if that's their policy, it is. I agree with the person who says on a scale of zero to ten of stupid things a student could do, this is somewhere around 0.04. Throw yourself on the mercy of the court and I doubt they'll do much more than put the fear of god in ya. Which you have already. Go forth and sin no more.
- 0Feb 8, '13 by rnnursingstudentActually it is a HIPAA violation. You are not allowed to view your own chart by yourself. If you want to view your chart it has to be witnessed and if I recall it has to be two witnesses. You also have to put it in writing that you would like to view you chart and it is not so much you viewing it is such the major issue its to ensure you don't take anything out of the chart that is in there for instance if you didn't like what a pcp wrote in one of his progress note. You are a regular patient there. And if you want to get technical you are not supposed to view any chart that is not directly related to your tasks at hand. I have seen people take out charts and just start reading them and they had no business or medical need to read them. They are LEGAL documents people.