HIPAA violation/ consequnces?

Published

Specializes in CCL.

I work in the cath lab for a medium size hospital system, so we share some of the doctors with other facilities in the area. 2 days ago, we were waiting for a doctor X to finish the procedure on patient A in a different hospital, so he could come to our hospital and do the procedure on a patient B. It was past 3 pm, and some co-workers panicked because they thought they were gonna have to stay past working hours and cut into on call time. We called the other hospital for an ETA, and they said they would be able to provide us with the update in 30 min. In those 30 minutes, while we were waiting on an ETA, one of the co-workers logged into the chart of the patient A (patient in another hospital); she went into the procedure log to see how far the doctor has gotten with the procedure. My manager was sitting next to her, watched all this happen, and didn't say a word. 10 minutes after, we got a call from that hospital and they asked us to move our procedure for the next day, because the doctor was running behind.

This whole thing gave me insomnia that night, so the very next morning I called the house sup and told her exactly what happened. House sup submitted the HIPAA incident. 

Did I do the right thing? What could happen/ come out of this? 

I've heard that even unintentional violations can lead to fines. It's important for everyone in the healthcare industry to be aware of HIPAA rules.

Specializes in Physiology, CM, consulting, nsg edu, LNC, COB.

How does your co-worker even have access to the chart of a patient in another hospital, even if an affiliated institution, much less an active procedure log in use? That's the violation unless there is a bona fide reason for the access permission, e.g., your co-worker is a physician back-up for that procedure. Otherwise, this is an EHR failure, which your risk manager will take up with IT.

+ Join the Discussion