Is this a hipaa violation?

NurseRatchedTheBest · Apr 27, 2016

this is all hypothetical. my point is to see where hipaa starts and where it ends for the casual nurse. With social media, texts, pictures etc etc that never go away that can come back YEARS later we now live in a federal nightmare. If Jay Z comes to burger king I can tweet the world the he ordered a hot dog. But if I (THE NURSE) tweet Jay Z is at the hospital and I work there is that a violation? Is it a violation if someone tweeted that and they were in the waiting room at the time and saw him walk in?

roser13, ASN, RN · Apr 27, 2016

this is all hypothetical. my point is to see where hipaa starts and where it ends for the casual nurse. With social media, texts, pictures etc etc that never go away that can come back YEARS later we now live in a federal nightmare. If Jay Z comes to burger king I can tweet the world the he ordered a hot dog. But if I (THE NURSE) tweet Jay Z is at the hospital and I work there is that a violation? Is it a violation if someone tweeted that and they were in the waiting room at the time and saw him walk in?

Do you have a HIPAA compliance officer at your place of employment? That would be the perfect place to pose your scenarios & ask your questions in order to make sure that you're receiving correct information. I don't know about you, but to me, HIPAA compliance is too important to trust an Internet forum for answers.

NurseGirl525, ASN, RN · Apr 27, 2016

What??? This makes no sense at all. HIPAA is pretty simple and clear cut. You can not talk about patients at all. There you go.

Boomer MS, RN · Apr 27, 2016

this is all hypothetical. my point is to see where hipaa starts and where it ends for the casual nurse. With social media, texts, pictures etc etc that never go away that can come back YEARS later we now live in a federal nightmare. If Jay Z comes to burger king I can tweet the world the he ordered a hot dog. But if I (THE NURSE) tweet Jay Z is at the hospital and I work there is that a violation? Is it a violation if someone tweeted that and they were in the waiting room at the time and saw him walk in?

To answer your original question, I believe there have to be patient identifiers. And even if there are none, it is not a good idea to discuss patients in a hospital elevator or anywhere public where another person, anyone, can overhear what is said. Clinicians discuss their patients all the time among themselves.

Editorial Team / Admin · Apr 27, 2016

Is it a violation if someone tweeted that and they were in the waiting room at the time and saw him walk in?

Is that person a healthcare professional participating in the care of the patient? No? Then they aren't covered by HIPAA. With all of these questions, it sounds like you would benefit from some in-depth review of HIPAA directly from the source or as mentioned above with the compliance officer at your facility.

Lisa.fnp · Apr 28, 2016

QUOTE= Heathermaizey; What??? This makes no sense at all. HIPAA is pretty simple and clear cut. You can not talk about patients at all. There you go.

If one could not talk about a "patient at all," then there would be NO medical books to learn from, NO case studies, No way to gather scientific-based evidence because discussing anything would be a HIPAA violation. It's about the identity of a person not a patients sickness. They just can not be tied together.

Here is a example of how one can discuss a patient. No date and time, no names, don't identify the location. Don't talk as this was your patient. I've gone to many seminars. The opening sentence starts off by the Provider or Speaker stating: A patient presented, etc. and continues to expose every single detail without it being a HIPAA violation.

klone, MSN, RN · Apr 28, 2016

Boomer is correct. In order for it to be a HIPAA violation, there needs to be patient identifiers. I believe there are something like 18 such identifiers. Name, DOB, address, MRN, driver's license number, etc.

Or, here you go:

UC Berkeley Committee for Protection of Human Subjects

If it doesn't contain one of those things, then it's not a HIPAA violation.

NurseGirl525, ASN, RN · Apr 28, 2016

QUOTE= Heathermaizey; What??? This makes no sense at all. HIPAA is pretty simple and clear cut. You can not talk about patients at all. There you go.
If one could not talk about a "patient at all," then there would be NO medical books to learn from, NO case studies, No way to gather scientific-based evidence because discussing anything would be a HIPAA violation. It's about the identity of a person not a patients sickness. They just can not be tied together.
Here is a example of how one can discuss a patient. No date and time, no names, don't identify the location. Don't talk as this was your patient. I've gone to many seminars. The opening sentence starts off by the Provider or Speaker stating: A patient presented, etc. and continues to expose every single detail without it being a HIPAA violation.

Im sorry we're we talking about research or a medical convention. Outside of the workplace, or on social media, as was presented, you don't ever talk about patients. It is easily identifiable on social media especially in small towns for a friend of a friend to recognize. So no, a nurse does not speak about patients. You are wrong.

It doesn't matter that you don't use a so called identifier, if the situation can be identified, it's a violation.

Pangea Reunited, ASN, RN · Apr 28, 2016

You should only tweet about your own heart attack.

TheCommuter, BSN, RN · Apr 28, 2016

Moved to the HIPAA forum.

canigraduate · Apr 28, 2016

Depends on what you said, who you are, and who you are talking to.

A healthcare worker can only divulge protected health information (PHI) to someone who has a need to know to complete their job duties, unless you have permission from the patient. PHI includes patient identifiers and medical information that can be used to identify the patient. The people who need to know include other members of the healthcare team, health care plans, insurance companies, and the billing office. Incidental disclosures that happen during the course of treatment are allowed.

So, you can't tell Joe Blow off the street about Granny Grumpus's cholesterol level, because Joe Blow doesn't need to know.

You can tell the charge nurse about Granny's blood pressure if she is helping you resolve an urgent situation. You can tell the Case Manager specifics about Granny so she can be placed. You can tell Food Service what Granny's diet is.

You cannot tell Food Service anything about Granny Grumpus other than her diet because they don't need to know.

You cannot tell Granny Grumpus's granddaughter anything without permission from Granny, unless Granny is mentally incompetent and Granddaughter is the healthcare power of attorney.

If you are in semi private room and the roommate overhears the nurse talking to the patient about their care, that is not a HIPAA violation. That counts as an incidental disclosure. If two doctors discuss a case at the nurse's station and the nosy Nellie hanging out nearby overhears, that is not a HIPAA violation. If a group of people are talking about the patient while they are in the lunchroom and use patient identifiers, that is a big whopping violation.

So, in light of that, what do you think?

Do any of us need to know what is going on with your old patient to complete our job duties? Nope. Possible HIPAA violation if we can tell who the patient is from what you said.

Did you use any patient identifiers? Nope. Whew! Dodged that bullet.

So far, no HIPAA violation.

How do I know all this, do you ask? I was a graphic designer when HIPAA happened and I had to type dozens of the HIPAA privacy notices, complete with examples. I can still quote parts of that law verbatim.

If you want more information, you can ask your HIPAA compliance officer. To get the information straight from the source, go to HHS.gov and click on the HIPAA link that's right there on the front page.

BuckyBadgerRN, ASN, RN · Apr 28, 2016

Oh wow. Yes, yes it is.

A patient I had died of a heart attack.