Questionable privacy violation on public forum?

Published

I have a question.......If a nurse publicly mentions a patient's first name, but no last name, and does admit to being persons nurse on a public forum (FB) when said patient dies, is that breaking HIPAA law/privacy act? A co-worker, mentioned on her FB status RIP (pt's name given), a fb friend writes condolences, and another FB friend asks if she is going to said pt's funeral, then asks the nurse if she was her nurse, and she said "yes she was" and also made a comment that she was her "Thursday sunshine," but no last name given and no other information given wouldn't that still be violating privacy even though said patient died and nurse admitted to being said pt's nurse and the days she went to see her? I know this LPN meant well, but I can't help feel it is a violation of privacy. I had mentioned to my supervisors about said posting on FB, but said LPN is good friends with clinical director and I couldn't say anything to her for fear of retaliation (which is illegal, but somehow it would come back to haunt me). Any info here would be helpful.

Thank you.

Up Vote Up Vote ×
Specializes in Med Office, Home Health, School Nurse.

HIPAA violations occur when patient's name AND identifying information are given...Honestly, I'm not completely sure this IS a violation, but like you, I'm leaning very heavily towards yes. First and foremost, it was inappropriate and its actions like those of your friend that give FB a bad name. I'm assuming that your friend's place of employment is listed on her profile...if it IS, and she listed the patient's first name and that the patient has died, I would think that would be enough identifying information to be a violation of HIPAA. I'm interested to see what others have to say.

**It's also illegal for said friend to tell another FB friend that she was the patient's nurse...that's one of those questions that you answer "I'm sorry, I can't discuss that with you".**

Up Vote Up Vote ×

Yes, she does mention where she works, where she went to school as well. I'm just blown away someone would do this!

Up Vote Up Vote ×
Specializes in Med Office, Home Health, School Nurse.

Okay, so lets put it into a bit of perspective....

Let's say I'm looking around FB and I come across her profile, it says "RIP SoNSo" then goes on to tell that she saw this person on Thursdays, she admitted to being their nurse, I look over at her information and see that she works for ABC Homecare in SomeTown, State. Well, I now have the patient's first name, the fact that they are deceased, they were on homecare and receiving some sort of nursing interventions, were commonly seen by the nurse on Thursdays, and they live in SomeTown, State.

I think this IS a HIPAA violation....am I wrong?

Up Vote Up Vote ×
Specializes in Critical Care.

Did she give out medical information though? Death is a matter of public record.

Up Vote Up Vote ×
Specializes in Pediatric Pulmonology and Allergy.

I try to mask any identifying information when discussing a patient online, even if I don't use their name. If it's male, I change it to female or vice versa. I change the ages etc. I don't mention names of places I work for. Some healthcare professionals, even when using all these precautions, won't tell any patient story without asking permission first.

Up Vote Up Vote ×

HIPAA only covers certain info. Their name is not protected information nor is it protected info that they are in the hospital under HIPAA.. The dx is protected and the lab results are protected and who is paying for the treatment is protected. The actual amount of info protected is very limited and specific in scope and definition and is defined in the statute. read it some time it is a very short paragraph rule.

Up Vote Up Vote ×

It doesn't matter about said patient dying (in relation to privacy violation), what matters is her name was used, said nurse does mention in her profile information where she works, and she very willingly mentions in her interactions with her facebook friends that she saw her on thursdays and that she indeed was a patient of hers! I always thought mentioning of name be it first or last and the fact that you are their health care provider in some aspect was a violation! Yes, most deaths are of public record, however, they rarely mention a specific nurse in the obits, but families do often mention thanks and gratitude to a company that may have been providing medical care. It agribvates me that said nurse is good friends with director and that she will not even be talked to.

Up Vote Up Vote ×

I think there is more to it than that......and it is more than one paragraph.

Up Vote Up Vote ×
Specializes in Nurse Leader specializing in Labor & Delivery.

Whether or not it's a HIPAA violation to the letter of the law, I definitely think it toes a line that her employer may not want her toeing. Hopefully she doesn't live in a "right to work" state!

Up Vote Up Vote ×

Did you discuss this with your co-worker before you went above her and reported this? I'm not trying to defend breaking HIPAA rules, but if she meant well, like you stated, why not approach her or even private message her telling her why it's wrong and give her a chance to delete it before you attempt to get her in trouble and possibly fired?

Up Vote Up Vote ×
Specializes in Nurse Leader specializing in Labor & Delivery.
Did you discuss this with your co-worker before you went above her and reported this? I'm not trying to defend breaking HIPAA rules, but if she meant well, like you stated, why not approach her or even private message her telling her why it's wrong and give her a chance to delete it before you attempt to get her in trouble and possibly fired?

I agree with this. The fact that you immediately reported her, rather than saying "hey, maybe you should delete that..." suggests that there's some bad blood there, and you're more interested in getting her in trouble than protecting patient privacy.

Up Vote Up Vote ×
+ Join the Discussion