Confidentiality Breach Consequences?

Nurses HIPAA

Published

Hello! I'm a recent nursing student and had a question about confidentiality breaches:

If a group of nurses is overheard talking about a patients' identifying private health information publicly in the hospital, what are the consequences that could occur from this? And who in particular should be notified about this issue? Just the nursing manager or someone higher up?

I think this is important to understand and I cannot find any clear articles online outlining specifically who to inform and what might happen.

Thanks in advance for the advice and help!

Up Vote Up Vote ×
Specializes in Healthcare risk management and liability.

Consequences for this type of confidentiality breach can range from a verbal warning, to a written warning, to further progressive discipline up to and including termination, as provided for by internal hospital policies and/or the union contract. In terms of who to notify, I always like to notify the next person up the nursing chain of command. Alternatives to notify would be the compliance officer, the privacy officer, the risk manager, any compliance/privacy hotline at the facility or any member of the hospital's senior leadership team.

Up Vote Up Vote ×

Thank you! I appreciate your insight!

Up Vote Up Vote ×
Specializes in PICU.

If you see this, remind the group that you can hear the information. I think many people get comfortable around co-workers or others and may feel the need to discuss that patient at that moment. A gentle reminder to people may solve the problem. If reminders do not work, then yes escalate. Sometimes nurses may be talking about a case or patient with people who may need updates or questions on how to proceed, the group may be comfortable with each other and not be mindful of the public location. They may be talking and not realize how public they are or that others can overhear the conversation. Gentle reminders can go a long way. it is easy to start talking in a public place. For example, RNNPICU is walking down the hall, finally getting a cup of coffee, other RN walks over and says, wow, nice job on that kiddo yesterday. And then starts asking questions or details, and gives additional information. it can happen so easily.

Immediately going up the chain without speaking to the group first is not correct. Address the issue first with the group

Up Vote Up Vote ×

Thank you! This was helpful as well. I agree informing the group before escalating is a much more pleasant way to deal with this type of situation.

Up Vote Up Vote ×

If it's students, the first person to go to is their instructor. You would also notify the charge nurse on the unit where they were working. If it's nurses, as in staff, the person to whom to report would be the hospital risk manager and the charge nurse.

As to "Who pays the penalty?" the students will get penalized by their school, as they are bound to have had "the talk" about confidentiality. If the patient can demonstrate harm, the hospital will pay because they didn't make their policies on confidentiality clear enough to the school to have the school impress them upon the students enough, or, for an offense by a staffer, because they didn't supervise and train the staffer enough. :)

CMS levels penalties on institutions, not individuals. However, the institution can do whatever they have in their P&P book to the individual that caused the institution to have to pay up, like firing them.

Up Vote Up Vote ×
Specializes in Complex pedi to LTC/SA & now a manager.

As a student you go to your clinical instructor.

Up Vote Up Vote ×

Thank you!

Up Vote Up Vote ×
+ Add a Comment