Good Old HIPAA Violation!

Published

This is for everyon'e info. recently I got into trouble for a HIPAA violation at my hospital. First major infraction in 31 years! Early part of last month I was doing a case in the OR when we heard that a RT employee had come into the ED in full code. I was already in the ER roster looking up a potential patient for the surgeon and saw the name and looked to see if I knewhim. I know alot of the RT but didn't know him by name. I forgot about it until a few days ago when I was called into the "pricipals" office downstairs, not my Directors' office. I was asked if I had indeed loked and I said yes because I wanted to make sure it wasn't a friend of mine. They told me that there had been quite a number of hits, we use computer nursing, and hey were going to talk with everyone. They also told me there would be disciplinary actions taken , but not termination. I thought I would probably get written up and that would be it. Instead I got a 3 day suspension. The HIPAA czar I talked to had said the rules had gotten much stricter after the first of the year but I didn't expect this. I went into our HIPAA manual and looked up the policies concerning punishments. It went form verbal consuling to written ,all the way up to suspension and termination. They jumped all the way up to final warning and suspension. I don't mind the suspension as much as they might of chaned the policies concerning punishment and did not inservice or inform the employees of such changes. I only think it would be fair on their part to do formal inservices or at least put out memos to the changes. This post is for info for everyone to watch out, "They are watching"!

Specializes in O.R., ED, M/S.

I do have a meeting with the VP of HR to discuss this matter. My concern is that other employees may get punished for new policies the hospital failed to give to the employees. I also feel that I did nothing more than most employees might of don e, but the patient being an employee red flags went up.

Up Vote Up Vote ×
Specializes in Maternal - Child Health.

May I respectfully suggest that you not use the defense of "doing nothing more than other employees have done."

That's like telling a State Trooper that you're not guilty of speeding because everyone else was going too fast also. It won't bring you any sympathy because it verifies that you did wrong.

Better to stick with the argument that the hospital is obligated to follow their own published and stated rules regarding discipline.

Up Vote Up Vote ×
Specializes in O.R., ED, M/S.

I am sticking to the argument that the hospital and corporation has not kept up with dutifully informing the employees of changes in the rules. I have always admitted to doing exactlly what they think I did. I am also not asking for sympathy because this post is for informing all of you what to look out for. I need no ones sympathy for anything.

Up Vote Up Vote ×

We had a nurse commit a major HIPPA violation last year. It cost the hospital 250k. The nurse was suspended pending termination. Then after a year she came back, same job, via union intervention and management changes. She's a bit more subdued now. And she worked there over 25 years too.

Up Vote Up Vote ×
Specializes in nursing student.

I completely understand your frustration with not being informed of changes but you obviously knew there was a policy against it in the first place so regardless of the changes in punishment, you should not have violated the policy. Would you have been so upset if they had simply given you a verbal warning? I know alot of people who have done the same thing and when they get caught and warned that there will be consequences if they are caught doing it again, they get upset. You knew it was wrong in the first place, we all are required to do HIPAA inservices annually and are bombarded with it everytime you visit the hospital or doctors offices. The punishment policy is new but the HIPAA policy is not.

Up Vote Up Vote ×

I recieved a final warning for giving my password out while we were swamped and it was a close coworker. I was the only one with a pw and we got 9 admits in 5 hours so she was helping. Well long story short, someone used my pw to look up an employees records to see why she died. Luckily I wasn't working the day the access showed up or I would have been terminated so please beware. As the facilities can loose a lot of money on fines they are not willing to put up with it. I learned my lesson. BUt yes the policies should have been up to date

Up Vote Up Vote ×
Specializes in School Nursing, Pedi., Critical Care.

If you are getting a patient from the ER and the patient is assigned to you I do not see the problem with looking at their records. If you are directly involved in their care you should have access to the records involved with that admission. You are going to see them when they get to the floor anyway....

Up Vote Up Vote ×
Specializes in Nursing Professional Development.

The policy at my hospital (and I think most others) is that the penalty for "serious offenses" does NOT need to start at the first step of the disciplinary process. For serious violations of policy, a person can be fired on the spot.

The "rules" were not changed. It was always against HIPAA to look to see if a patient were a friend, etc. It's just that this hospital judged this violation to be serious enough to skip the first steps fo the disciplinary process. That is not uncommon with serious violations. The question is: was that violation serioius enough to warrant that response? Some people would say "yes" but others might disagree. If I were a patient, I would probably say "yes" -- but many staff members would probably say "no."

Up Vote Up Vote ×
Specializes in ICU/Critical Care.

While, the punishment may be extreme. Think of what might happen to the hospiital should the patient recover and find out that employees were looking up his/her name in the computer system. You were wrong to have done so and now you are paying for it. Hope you learned your lesson.

Up Vote Up Vote ×

These rules are becoming extreme. It's ridiculous if you ask me. I am a relatively new nurse and I might have a patient for a day or two and then never see them again. I never know what happened to them. Did they get better, worse, what kind of complications did they develop. I'll never know, and I'll never have the patients' charts to use as a tool to increase my knowledge of the various blood cancers I deal because I was told that I'm only allowed to look at a patient's file the day that I have them. Ever.

I can't follow any of the patients' because its a HIPAA violation.

So next time a patient asks me "What's going to happen to me? Do people with my disease ever get better?," I can only say, "How should I know?"

Up Vote Up Vote ×
Specializes in Med-Surg.

Yes they are. At our hospital we have to go onto the computer and actually take a "mandatory" refresher course and test, on our own time!

It's funny you mention this because just Saturday a CNA came to me and said that she had heard a certain famous person was at our hospital, on another floor. I looked at her like, um ok, so?? She named the person, and I said, ok, and... We do computer charting too, and I was charting. I got the feeling she wanted me to look. HECK NO! Not worth my license to take a peek. Never have, never will.

Sorry that happened to you......thanks for the warning too!

Up Vote Up Vote ×

I like that your employer was very strict here. Employees have the same right to privacy as all other patients but that often doesn't seem to be the case. Many are leery of even being treated at their own place of employment for this very reason. They can take action up to and including termination so be happy it's a suspension and not something you need to explain in your next job after being fired for a HIPAA violation.

Up Vote Up Vote ×
+ Join the Discussion