Hospital Employees Tripped Up By HIPAA Laws
Athens, GA (Sept 27, 2007) - The Health Insurance Portability and Accountability Act (HIPAA) in the United States is designed, among other things, to protect the confidentiality of medical records. Since the signing of the law on by President Bush on August 21, 1996, there have been many examples of bizarre interpretations of the law. In the case of this reporter, a hospital in Baltimore would not say where a parent had been discharged to because it would be a HIPAA violation. There have been stories where ambulances could not be given addresses because it was felt that it would be a violation. On the humorous side, the University of Georgia Veterinary hospital applies HIPAA laws to the treatment of horses.
In a story in today's Laramie (WY) Boomerang, it has been reported that a number of employees at Ivinson Memorial Hospital (IMH) have been terminated, suspended, or reprimanded for violating the law by reading their own records:
url="http://www.laramieboomerang.com/news/more.asp?StoryID=107164"]“The HIPAA regulations, our interpretation of them … is that you can’t look at your own records or any family member records unless there is a clinical need to do so,” Interim IMH CEO Nick Braccino said. “If you are doing so just because they are there and you have a private interest, you are violating HIPAA regulations and patient confidentiality.”
No one, he said, will be terminated solely for viewing their own information. However, he added, employees who view their own information and commit other violations might face severe reprimands. Hospital administration, he said, will act as consistently as possible in addressing HIPAA violations while considering them on an individual basis.[/q]
At the Athens Regional Medical Center in Athens, GA, a different approach is taken than in the case of Ivinson Memorial Hospital. According to Lori Alexander of ARMC's Health Medical Information office, employees are allowed to view their own records. But to do so, they have to make an appointment with that office, releases have to be signed, and they may not review them unsupervised. This is done so that records may not be altered. Electronic audit trails are used with electronic records to track any and all use. If an employee finds a way around these procedures to view their own records, they will be terminated.
The key to this is education and awareness. As reported in the Boomerang:
url="http://www.laramieboomerang.com/news/more.asp?StoryID=107164"]At 37 training sessions throughout the year, HIPAA regulations — including those over viewing one’s own records — have been reviewed, IMH Compliance Officer Dean Jessup said. HIPAA regulations stating that employees are not allowed to view their own or others’ records have been posted at each of the hospital’s time clocks and other well-traveled locations, Jessup said. He added that disciplinary action was taken in at least two cases against people who admitted that they were aware they were committing a violation by viewing their own or others’ records.[/q]
Eleven years after the signing of the law, it is clear that medical professionals and patients are still struggling to understand what is and is not allowed under the law. In some cases, people are losing their jobs over it.