Medical documentation system not HIPPA compliant

Are you in a district with other nurses? what do they use? Do you have a supervisor? What is your policy for documentation? Does the principal /VP/registrar even KNOW that they can read this info? And do they read it?

I don't see a problem with the Principal or VP having access - they are in charge of the school, they should know the details that go on with each kid including those details from the clinic. Registrar - maybe shouldn't have access to your notes but in my opinion should be able to pull up your logs to see who you sent home ill so the attendance records can match - this comes into play if there are truancy issues with students.

I doubt the principal or VP even look at the records - I know mine don't, if they have questions they usually come straight to me. My Registrar doesn't look either - easier to pick up the phone and call me regarding clarification of a student going home ill - and with that I don't give details - just the general reason - vomit, fever, injury etc so she can make a note of it on her end incase truancy issues come up.

Even if your admin doesn't consider the clinic documentation HIPAA compliant it still needs to be FERPA complaint - the health records are part of the education records - there are privacy laws regarding education records.

I wouldn't worry to much about it nor would I document another way - if your district set up online documentation I would stick with that.

FERPA only applies to schools that receive public funding (public and charter schools). Completely private ones are not subject to the law.

HIPAA only applies to entities that use electronic processing of insurance claims. Most schools are not subject to HIPAA.

I would however be concerned about unfettered access to medical records. If a Principal or Registrar can get at it, then probably just about any staff probably can.

On 3/4/2019 at 9:08 AM, RNTadaaaa said:

I just found out that the online system my school uses for entering attendance/medical/immunizations/etc is not HIPPA compliant due to the fact that they are not a covered entity and because the PHI stored on their server is considered Education Records.

I have been writing student notes in the medical portion of this system. When I called customer support to find out who has access to medical info they said the Principal, VP and registrar.

At my previous location all of our online documentation was HIPPA compliant and if access to notes were needed, they needed a subpoena.

Not sure how to feel about whether to continue documenting on the online system or to begin documenting on paper forms instead and filing in student medical chart?

What format do you use to chart?

As an aside, who do you go to, to ask legal questions that come up over your nursing carreer? 

The issue is that schools do not have to be HIPPA compliant, we have to be FERPA compliant. This is why we run into issues with MD offices, we have differeing sets of privacy rules. It is not an issue for the administrators to see our notes, in fact it falls under FERPA coverage, so you are fine and don't need to worry about your license. You might want to do some research int o FERPA. It will put your mind at ease.

The poster was in an "independent private school" per their admission. They're likely not subject to FERPA either.