Is This a HIPPA Violation?

Published

Before I contact the HIPAA officer at my facility, I would like some of your opinions. Is it a violation of HIPAA for an employee who was not involved with a patient who coded, and not even working on that day, to look up the medications that were given prior to the code via the pyxis, just to "see what went on", when she came into work two days later?

BTW, the patient ended up being okay and didn't even have to leave the floor.

Specializes in Maternal - Child Health.

Was she caring for the patient on the day she looked up the information? If so, it seems reasonable for her to review the events that led up to the code, including medications administered to the patient.

If she was not caring for the patient, was she involved in a QA review, risk management investigation of a sentinal event, pharmacy/nursing med error review or other legitimate examination of the event?

Was she caring for the patient on the day she looked up the information? If so, it seems reasonable for her to review the events that led up to the code, including medications administered to the patient.

If she was not caring for the patient, was she involved in a QA review, risk management investigation of a sentinal event, pharmacy/nursing med error review or other legitimate examination of the event?

No, she was not caring for the person. She was not charge that day, she had nothing to do with said patient. She was just trying to see if the patient had been overmedicated or any other errors were made, etc. She is the type who gets involved in other nurse's business, if you know what I mean. It seems, every department has one like this!

Yes I would consider this a breech of the intent of HIPPA. The Health information that the HIPPA is served to protect is defined as any information, whether oral or recorded on any medium including paper and computers, that is created or received by a health care provider or health care related entity relating to past, present or future physical or mental health or condition of an individual or payment for health care.

The health information designated as confidential is disseminated only as authorized by the patient or to those with a legitimate business need to know. A "legitimate business need to know" means that we are accessing clinical or business information ONLY when necessary to do our jobs. The control of confidential health information is afforded to each of us by state and federal law.

I would expect that your facility has a officer that one can report this to. In fact one might expect that you have a professional obligation to do so.

A

Yes I would consider this a breech of the intent of HIPPA. The Health information that the HIPPA is served to protect is defined as any information, whether oral or recorded on any medium including paper and computers, that is created or received by a health care provider or health care related entity relating to past, present or future physical or mental health or condition of an individual or payment for health care.

The health information designated as confidential is disseminated only as authorized by the patient or to those with a legitimate business need to know. A "legitimate business need to know" means that we are accessing clinical or business information ONLY when necessary to do our jobs. The control of confidential health information is afforded to each of us by state and federal law.

I would expect that your facility has a officer that one can report this to. In fact one might expect that you have a professional obligation to do so.

A[/quote

Thanks so much for answering my post!

Specializes in Oncology.

The patient coded and was left on the floor?

By the OP's description, yes, it was a violation. The nurse in question was not working that shift, was not involved in the code, and apparently had no need to know.

And it's HIPAA, not HIPPA.

The patient coded and was left on the floor?

YES...a code was called, but the patient did have a pulse. Just stopped breathing. Code team got her stable and was going to send her to ICU, but while waiting for a bed and monitoring her, the docs decided she was fine and was able to stay on our tele floor. Why do you find this so odd?

Specializes in Emergency & Trauma/Adult ICU.
YES...a code was called, but the patient did have a pulse. Just stopped breathing. Code team got her stable and was going to send her to ICU, but while waiting for a bed and monitoring her, the docs decided she was fine and was able to stay on our tele floor. Why do you find this so odd?

Without knowing anything about your tele unit (nurse-patient ratio, availability of MDs to intubate, etc.) ... an episode of apnea/respiratory arrest certainly makes one consider moving the patient to an environment where intubation can be immediate if it happens again, doesn't it?

Edited to add: as for the original question ... before contacting your compliance officer, I would think about why this is upsetting you. Is there value in reviewing this patient's course as a learning experience for your department?

Specializes in ICU.
The patient coded and was left on the floor?

I saw this once. The pt had choked, the airway was completely obstructed and the code was called. I was a tech at that time; I was just around the corner and by the time I got there, the Heimlich had been performed, airway was open, pt OK. She stayed where she was.

:paw:

Before I contact the HIPAA officer at my facility, I would like some of your opinions. Is it a violation of HIPAA for an employee who was not involved with a patient who coded, and not even working on that day, to look up the medications that were given prior to the code via the pyxis, just to "see what went on", when she came into work two days later?

I don't know about a HIPAA violation but I do know that one must be very careful about "snooping". Case in point, one time, one of of our RN's, an asthmatic, was hospitalized for an acute exacerbation . . . apparently, several RN's not involved in her care, accessed her computerized records . . . they were all "counseled". Also, when Chelsea Clinton and Bill Gates were inpatients, you'd better believe that the information systems guys were monitoring every access.

If you have a need to access patient info, that's fine . . . but, snooping can definitely get you fired.

Specializes in Oncology.
I saw this once. The pt had choked, the airway was completely obstructed and the code was called. I was a tech at that time; I was just around the corner and by the time I got there, the Heimlich had been performed, airway was open, pt OK. She stayed where she was.

:paw:

Choking is one thing, as the airway is able to be cleared. A patient who just randomly stops breathing seems to be a situation where a patient is usually sick enough to warrant an ICU bed. Yes, I do find this extremely odd.

+ Join the Discussion