I'm a nursing student and just started out with hospital clinicals this semester. My clinical instructor spoke briefly about a student who cut and pasted information from the EHR into their nursing care plan and how it saved them a lot of time.
Yesterday I was in my patient's chart and copied and pasted some information into my personal gmail account to help me complete my care plan. I was having trouble copying some lab values, so I took a couple of screenshots, pasted them into my gmail account and sent myself the email.
At the time I was in a hurry and obviously wasn't thinking it through. Later that day I realized how serious my error was. I sent PHI through an unsecured email system. I was HIPPA trained a few months back and of course, after the fact I remembered that we were not supposed to remove copies of PHI from the facility. This definitely would be considered removing PHI from the facility.
I know I messed up, and I know that there could be severe penalties for my error. My question is, what would you do? What is the likelihood that my breach will be discovered? Would it be better to turn myself in now, or just wait it out and see if it comes back to haunt me?
Please don't lecture me about how badly I messed up--I already know that.