HIPAA Compliance- posting patient names on assignment board

Nurses HIPAA

Published

I was wondering if anyone has heard about this or is experiencing this as well. I work on a cardiac tele unit with 52 private rooms. It's a very large unit and it has two distinct nursing stations. On each nursing station there is a board by the secertaries listing the room number, patient's name- it's also our way of listing what nurse and tech has assigned to them. We use to list the patient's last name, and if there are two people with same last name we would add a first initial. Now we are being told that it's not HIPAA compliant to list patient's name on the board. We now have to list the first 3 letters of their last name and the first initial. Now, what I don't understand is that anyone can call the hospital and find out if so-so is admitted, unless they chose to be a no-info patient. How is this any different? We are not listing any more type of identifying information other than a name which has multiple purpose- quick reference, let's the docs look and see where their patient's are, let's people know who the nurse is for a specific patient. What do other places do to display information? Any ideas how to make this better- I mean, a better way to display our assingments?

Specializes in ICU, ER, EP,.

Mind you my unit is smaller, but our step down with 38 patients used to list names. Instead... due to multiple compounding regulatory agencies... no name is displayed anywhere. You are expected to ask the identity of each patient and compare it to their ID band each time you enter the room. If the patient cannot comply, you manually look at the arm band and identify two identifiers, the DOB and med. record number. All our meds are scanned by this band.

This way, confidentiality is ensured and is private in each room... you never know who wanders where as far as visitors and having names posted sets you up. Just check each time, in each room and you are safe.... so is your patient.:D

Up Vote Up Vote ×
Specializes in Ante-Intra-Postpartum, Post Gyne.

If some one directly asks to be sent to so and so's room then we will transfer them unless they specifically ask for no calls. If some one calls and ask if Jane Doe is there and/or indicates they are calling to find out if she is having a baby at our hospital because they do not know; then we can not give that information out. If some one is in the hospital and they want people to know then they will tell people. And as far as emergency situations go, its only immediate family that gets to know when they ask...not just anyone that calls.

You can not even call the Best Western and say "Do you have a Sam Jones staying there?"

Up Vote Up Vote ×
Specializes in Emergency.

When I read this, I could have sworn you worked at my hospital. We do the exact same thing. Only difference is, your unit has 52 beds vs. ours only having 51 lol. We have three nurses stations since it's such a big unit and their are assignment boards at all three. We put (name alert) if someone has the same last name instead of putting the first initial but everything else is still the same. Funny thing is, I was just talking about that being a HIPAA violation about 2 weeks ago with fellow co-workers. Guess we weren't the only ones wondering.

Up Vote Up Vote ×
Specializes in CCU, SICU, CVSICU, Precepting & Teaching.

some of these hipaa requirements are getting a little silly. if we'd all been using common sense to begin with, some of these silly rules would never have happened. unfortunately, common sense isn't all that common.

Up Vote Up Vote ×

to be a breach...it has to cause certain harm and a critical mass. meaning breach has a threshold, harm threshold and number of patients threshold.

in your situation, name is breached, no other information. let us consider this situation, if the unique patient turn over is an average 2 days, in a year you have given out the names of about 1000 patients! that qualifies the critical mass!

what about the the harm threshold? only the name!

i do not see any financial harm...do you? (no socialsecurity,bank account or credit card information is given out)

reputational harm... nope, any? (would patient really care if someone knows he/she is in the hospital?)

other harm...cant think of anything.

that means, the breach need not be notified. in fact, it is not a breach which needs action to be taken or fines to be imposed!

however, let us shift the gears, take a name...say david wolfe, a google search reveals that there is a news item on that name!

who is he? his name is davidwolfe,and if you don't know him,he happens to be the most recognized super‐ nutrition authority whose fans and clients includet.harv eker, tony robbins, angela bassett, woody harrelson,and hundreds of thousands more.

he reveals step‐by‐step what to eat and what to do for immediate immunity transformation. david wolfe has been a professional nutritionist forover 16 years now and is a highly respected raw food and super food guru (or as he calls it, a "gastronaut"). known as david"avocado" wolfe or "the chocolateman," his knowledge is extensive and he believespowerfully in the statement, "what you eat becomes you. "he said,"i’m never sick. ever. i’ve preloaded my body with super foods and super herbs."

now reconsider the harm threasholds:

financial harm - yes, no one will buy his product, or even sue him if they come to know he was sick and in your hospital!

reputational harm! ofcourse, his reputation of never been sick is gone!

other harms...may be...possible, one of his customer gets mad...and .....could be!

thats a breach! and all the chances patient may sue you for violation!

better be careful than create a situation to my hospital, isn't it?

so called hipaa experts are there to tell us, what to do, when we are in doubt, not to give us trouble!

(thanks to davidbehinfar,jd,llm,chc,cipp for this example)

you may connect with me if you have questions.

Up Vote Up Vote ×
Specializes in NICU, Post-partum.

At our hospital we have, as part of our consents, if a patient has an issue with their last name being posted outside their door or on a patient board.

Only in very rare cases with social issues, do we have a patient to object.

Up Vote Up Vote ×
Specializes in ortho, hospice volunteer, psych,.

when my great aunt was hospitalized and was gravely ill, it became tough to keep five generations of relatives updated on her condition when we were spread all over the country and beyond. plus which, it had to be done without panicking a couple of elderly relatives. we didn't want to depend on the generation above mine for updated info, but we needed to know. our solution?

if we called the hospital, we used my great grandmother's last name as a password. we then shared information, test results, how she was, how had visited in person etc. in emails that went to each of us as a group.

it meant we didn't have to bug the staff quite as much.

she, who had referred to herself as "an unclaimed treasure" for decades, could have her information shared freely with

the family, yet keep what she chose private from the nosy church circle ladies.

Up Vote Up Vote ×

Male, 56, CHF--then the doctor and nurse listed by room number. We have a white board, each room listed down the side, and the information across. It is funny, the names don't mean much--as most nurses describe patients as "the fractured hip in 553". and the doctor just wants to know where the patient is and what is wrong with them and who the nurse is. I would assume when they admitted the patient they would know who they are....or they could then grab the chart.....

Up Vote Up Vote ×
Specializes in ICU.

My unit uses a dry erase board and writes only the pts last name. There is a metal box built in over it, so when no one is reading the board, you just flip the box over and cover the names.

Up Vote Up Vote ×
+ Add a Comment