Nurse Recruiter and HIPAA violation?

Nurses HIPAA

Published

Hello group! This is my first post on AN so bear with me!

So...I have been applying for a nursing position at a hospital less than a mile from my house since 2009. I have never received so much as a response from human resources. So about a month ago, I felt the initiative to call the nurse recruiter and get an idea of how I could improve my resume/application. During our conversation, the nurse recruiter let slip that she didn't think I could handle a nursing position due to "my numerous ER visits." I contacted Risk Management at the hospital and they confirmed that this nurse recruiter had in fact accessed my medical record four times. The lady at risk management said she would "take care of it." As of yesterday, the nurse recruiter is still in her current position. I feel completely violated. Is there no privacy anymore?

So my questions is: Should I continue to pursue this through other means...i.e. reporting this as a HIPAA violation? Risk Management is no longer returning my phone calls.

Thank you, Sookie

Specializes in Management, Med/Surg, Clinical Trainer.

The non-clinical side

generally does not have access to clinical records. Maybe prior to HIPAA they did but not anymore.

That said the real story is probably worse than it appears.

It is more likely that a manager or staffer on the floor opened up your history, after getting your name and credentials from HR to review for hiring. Then after the medical record review the manager reported back the info they found to HR so you could be excluded from the hiring pool.

Up Vote Up Vote ×
An interesting story at face value.

No one else here questions the odds of a non-clinical employee in HR having access to the EHR, in a hospital with sufficient security systems functioning well enough to have documented that a patient record has been accessed?

Funny. I wish this was some random story that I had made up. Maybe then I would still feel like I had some privacy in this world.

Up Vote Up Vote ×

Thank you all for your comments! Just for clarification, the nurse recruiter was a clinical nurse at the facility at one time. I remember her taking care of me in the ward (she has a very distinctive name that you would never forget.) I'm not sure if this is how she has access, but she does.

So I did leave a message with risk management stating I would be reporting this as a HIPPA violation. Two days later I received a phone call informing me that the nurse recruiter had now been terminated. I feel bad...I guess in some ways I feel that this whole scheme of looking into records couldn't have been entirely her idea. I'm sure I am not the only applicant she did this to.

To make things worse......I currently live in the Washington DC greater metro area. This area has recently implemented CRISP. It is a healthcare information exchange. You are able to request a list of people who have accessed your account for free once a year. So I did this eight weeks ago. I received my list yesterday. I couldn't believe it, my former employer accessed my account three time the year before I left. (And no I was never a patient at this practice.) I would like to believe they were only confirming my medical absences, but still....I really don't feel I can report them because I rely on their references for my next job.

The whole reason I have brought up these two incidents is because I know I am by no means special. If this has now happened to me on two separate occasions, then I fear this has become a wide-spread problem. Please protect your privacy.

Up Vote Up Vote ×
Specializes in ICU / PCU / Telemetry / Oncology.

Don't ever feel bad about what you've done! She deserved to lose her job. The HIPAA law is in place for a reason, and if no one uses it to make ruthless people accountable for their actions, then what's the point of having the law?

Up Vote Up Vote ×

I would still report them. You don't know if she has been fired for sure. How can a practice access your info if you weren't a patient?

Is it that it's a big system with PCP's as well as hospitals and you can see all of it? I worked for one like using Cerner EHR where we could see all outpatient/inpatient/ED visits.

Up Vote Up Vote ×
Specializes in kids.
Fines for HIPAA violation are not paid to the patient. You can look it up.

I'm thinking they are referencing litigation!

Up Vote Up Vote ×
Specializes in Transitional Nursing.

Please don't feel bad. It's illegal and it's discrimination. You weren't hired because she took it upon herself to access your MEDICAL RECORDS and deem you unable to perform the job. That is just so many shades of wrong.

Up Vote Up Vote ×
I'm thinking they are referencing litigation!

What litigation? Under the privacy law, the judgment is against the facility/entity that allowed /didn't prevent the breach, not the individual who did it.

If the patient wants to litigate against the individual, he has to prove damages that resulted from the breach. Tough to do.

Up Vote Up Vote ×
File a complaint with the Hipaa compliance officer for the facility. It may or may not be risk management.

I second this. Don't assume that the person that you spoke to did anything with the information. I would give the HIPAA compliance officer a call just like JustBeachyNurse said.

I would be madder than a basket full of shook up hornets.

Up Vote Up Vote ×

Wow. I would be so mad myself. I would pursue this and report it regardless of the fact that they told you they fired her. Who knows if they are being honest. Who knows if she was the only one doing this. I would make sure they are being held accountable for this. The rest of us are expecting to respect HIPAA, they should as well. :madface:

Up Vote Up Vote ×
Specializes in NICU, PICU, PACU.

Why does a nurse recruiter have access to patient records????

Up Vote Up Vote ×
Specializes in Critical Care, Med-Surg.
Why does a nurse recruiter have access to patient records????

Because she is still a nurse. Nurse recruiters often work in dual roles, or have a bedside RN position in the same hospital.

Up Vote Up Vote ×
+ Add a Comment