What and How Much Can You Tell to Patient's Family?

Nurses HIPAA

Published

Specializes in Med-Surg Telemetry.

Once in a while, I would get a phone call presumably from a wife or son/daughter or even a friend (if the patient doesn't have anyone else) asking about the patient, sometimes asking about specific things. I'm always vague, but I would really like to know exactly what I can tell them without violating HIPAA. Also, if it's on the phone, how can I be so sure that it's really whoever they say they are?

Up Vote Up Vote ×
Specializes in Med-Surg.

You can't tell them anything. Can't even confirm they are in the hospital. What if this is an abusive spouse? What if its someone scoping out their house to rob them blind? What if its just a nosy neighbor? If they want information, I would tell them to call the patient or family representative.

Up Vote Up Vote ×
Specializes in ER, progressive care.

We are implementing "HIPAA numbers." Basically it can be anything...last four digits of the patient's MR #, last four of their SS #, etc. Some families decide they have want to have a code word. That way when somebody calls, you ask them for the HIPAA number or code word or whatever. If they don't have the correct number/word then you cannot give out any information. We try to implement this once the patient is admitted.

Up Vote Up Vote ×
Specializes in Med-Surg.
We are implementing "HIPAA numbers." Basically it can be anything...last four digits of the patient's MR #, last four of their SS #, etc. Some families decide they have want to have a code word. That way when somebody calls, you ask them for the HIPAA number or code word or whatever. If they don't have the correct number/word then you cannot give out any information. We try to implement this once the patient is admitted.

That is a really good idea. So long as those who are given this number do not pass in on without the patient's consent I guess. Or maybe you guys could have an approved list of names, and they ALSO have to give the HIPAA number.

Up Vote Up Vote ×
Specializes in Complex pedi to LTC/SA & now a manager.

When my grandmother was in the hospital, there was a code number plus my aunt had to sign off WHO could be given the information also (in case of in person visitors) (My grandmother was on a vent and thus couldn't consent).

There is no way to know who is calling, better being vague than telling the wrong information to someone who isn't entitled to confidential information. They would also say, I'm sorry but we cannot release any information please check with your family contact person. (for the stone headed they would just repeat the same sentence rather than vary and risk inadvertently releasing information)

The hospital admission consent included a release to be included in the patient directory, you had to opt out. Knowing this (and how my grandmother felt about certain other family members) we specifically asked at admission and (competent at the time) my grandmother opted out. Made for some fun family drama as she didn't want to be seen by certain people...but it was her choice.

Apparently the opt out of patient directory is becoming more common on admissions consents, I just think those doing admissions should point it out to families when a patient/representative is signing a consent. The code word for release of patient information was created once she got to the floor.

Up Vote Up Vote ×
Specializes in ICU, Intermediate Care, Progressive Care.

The hospital where I work uses a pin number system. The number is given upon admission. Only family members/friends/whoever that has the number may be given any information about the patient.

Up Vote Up Vote ×
Specializes in Med/surg, Quality & Risk.

We give everyone a 4 digit code. Family members get mad because they wait around in the ER, then when their parent gets admitted they high tail it out of there, and don't don't stick around long enough to get the code. Then they wanna call and get all kinds of minute details and get angry because we can't give them any info. SORRRRRYYYYY!!!! lol

We have an alternate policy that if they can give two of a list of personal info about the patient we can talk to them. Example home address, insurance company, date of birth, SSN...Most of them can't even do that. Sad.

Up Vote Up Vote ×
Specializes in Cardiology.

We don't have a number system, but I always put whoever it is on hold and tell the patient, "so and so is on the phone asking for information. Do I have your permission to speak to them?" Then document.....

If the patient is not A&O, I make sure the person on the phone is the HCP for the patient and the info is documented clearly in the chart. I've gone so far as to make someone fax me their copy of the HCP form if we don't have it on file for their Mom/Dad/Aunt/Whoever and then call them back once I have the info. We get lots of elderly pts whose only family lives far away, so this is the only way they can know how serious things are (or aren't.)

By the time the person gets to my zone phone, they already know 100% the pt is in the hospital- no other way to get directly to me without that info. We do have an opt-out directory, though. I haven't seen too many people use it.

Up Vote Up Vote ×
Specializes in ER, progressive care.
We don't have a number system, but I always put whoever it is on hold and tell the patient, "so and so is on the phone asking for information. Do I have your permission to speak to them?" Then document.....

I do this, too, if there was no HIPAA number established upon admission. And document to CYA!

That is a really good idea. So long as those who are given this number do not pass in on without the patient's consent I guess. Or maybe you guys could have an approved list of names, and they ALSO have to give the HIPAA number.

This is also a good idea. This would be good for "loopholes," such as the number getting into the wrong hands or something.

Up Vote Up Vote ×
Specializes in Trauma Surgical ICU.

Once admitted to our ICU, we have the spouse, daughter, son.. Next of kin set up a password, from there we ask them not to give it everyone because with the password any and all information is given. We also stress the importance of keeping phone calls to a minimum because it is hard to care for the pt if we are always on the phone with 6 different family member's. This has kept phone calls down as well as the proper person getting the information. If "family/friends" call and they do not have the password they are told to contact the family for information.

Up Vote Up Vote ×
Specializes in Med-Surg Telemetry.

Thank you so much everyone!

My unit doesn't have any formal protocols and these are all good ideas that I'm going to try to have implemented. What I've learned so far:

1) set up a type of password/code or pin number upon admission,

2) as well as a list of people approved by the patient or the one holding MPOA/HCP

3) proof of MPOA/HCP

4) keep the calls to a minimum (patient care and safety)

5) inform patient (if lucid) or MPOA/HCP if they're present about who is calling before giving any information

6) refer everyone else to contact the family - and if they don't know the contact info, then too bad

6) document (CYA!)

Please keep the ideas coming!

Up Vote Up Vote ×

Here's a potential way to comply with HIPAA in that situation: I live 1200 miles away from my parents. When my mom was hospitalized recently, I had her sign a medical release the night she was admitted permitting disclosure of her PHI so I could speak with the nurses to get updates regularly. My password was my cat's name when I called. It worked like a charm.

Up Vote Up Vote ×
+ Add a Comment