Curiosity Killed the Cat and Got 50 Hospital Employees Fired

You're Fired!

Out of curiosity, over 50 hospital employees, including nurses, decided to check the celebrity's medical records. Many said they didn't go past the name screen but that was enough to be a HIPAA violation. Those individuals lost their jobs.

Anything that you do online in the hospital is trackable. You cannot access the medical records of anyone unless you are involved in that patient's care. Even being only on the face page for any amount of time as little as 17 seconds is a HIPAA violation if you are not involved in the care for that patient.

Audit Trails

Authorities can find your path if you wrongfully access a record because of what's called "audit trails.” The same rules apply if you are changing a medical record such as making a late entry and you will need to properly identify the late entry. Although you may be able to simply replace or add to your prior charting, this can be discovered.

Your employer or an attorney can go through the audit trails to see exactly how the records may have been changed. Cases which might pique an attorney's curiosity, such as a heel ulcer developed overnight and yet all the proper preventative records were checked that they were done in the medical record and sudden changes in condition. In these situations, an attorney may get the audit trail to show that the entries placed in the record were entered late after they knew of the heel ulcer or the change in condition.

Also, be careful when copying and pasting previous notes. Again, those actions can be tracked and the attorney may question whether you actually performed a new assessment.

What is HIPAA?

HIPAA established national standards to protect an individual's medical record as well as other personal health information. Patients' have the right to privacy for their medical records. Any intrusion into the medical records can result in a significant fine to the hospital. Therefore, most facilities have a zero tolerance policy if the privacy rights of any patient are violated. Improperly accessing records could result in termination as this is what happened to more the 50 health care workers at Northwestern.

With medical records and portability information, it is even more important nowadays to be aware of the rules to protect patients' privacy as well as protecting your license.

Privacy and confidentiality also are important when you are conversing with another health care professional outside of the medical area such as in elevators or while having lunch. You never know who may be listening. Even if you avoid using the patient's name, there may enough information revealed to identify the patient.

This is not the first time that a celebrity's medical information has been improperly accessed. Britney Spears was hospitalized in a psychiatric unit when several employees improperly accessed her records. They were all terminated.

Social media is another big issue. All attorneys advise not to post anything, zilch, about work on any of the social media. Again, you can never know all who may be reading your posts or who may even forward that information to other pages.

Violation of HIPAA may result in fines of from $100 to $50,000 per violations and up to $1,500,000.00 a year. Hospitals must designate a HIPAA officer to make sure that the hospital is in compliance.

According to the HIPAA Journal, the average HIPAA data breach costs an organization $5,900,000.00. This is astronomical! No wonder hospitals take this so seriously.

Do your part by never accessing patient information for which you are not authorized to do.