5 HIPAA Violations You Might Not Know You're Committing
If you think you never violate HIPAA laws as a nurse, you may be mistaken.
Inadvertent disclosures can be easy to fall into, especially in a busy or crowded hospital environment, and you may be committing HIPAA violations without realizing it.
The U.S. Department of Health and Hospitals actually investigates hundreds of privacy rule complaints a year, and many disclosures aren't reported that far (or at all, if no one knows they're being made).
Find out more about common nurse HIPAA violations below.
5 Common Nurse HIPAA Violations
From the patient who accidentally bombed your selfie to elevator conversations you may chalk up as part of the care package, HIPAA breaches can come at surprising moments.
Here are five ways you could be putting yourself at risk for a HIPAA violation penalty for nurses.
1. Seemingly Innocent Snapshots and Selfies
Christy Saia Owenby, CEO and Creative Director at MOXY Company, is part of the Mayo Clinic Social Media Network.
She points out that pictures captured with your mobile phone may lead to inadvertent HIPAA violations.
"Whether the images are being used on the nurse’s personal social media page or the medical practice’s accounts," says Owenby, "HIPAA violations can occur when any patient information can be seen in photographs and consent has not been given."
Owenby says they encourage healthcare staff to be aware of screens, files and documents that include PHI, because those items can be picked up by the camera.
It's also important to be careful when taking pictures near doorways of exam rooms or waiting areas to ensure you don't capture a patient in the shot.
Dr. Kim Jones, Dean of Nursing at Linfield College, points out another concern with mobile phone photos, even when used for clinical purposes.
She notes that a nurse might use "a personal phone to take pictures of wounds to gauge change in healing over several days." The problem is that metadata associated with that image may be identifiable.
Dr. Paul Smith, the Associate Dean of Nursing at Linfield College, points out that the National Council of State Boards of Nursing issued a statement on the use of social media for nurses for precisely these reasons.
He personally knows professionals who faced a potential HIPAA violation penalty for nurses and had to go before the Board of Nursing due to patient information being linked to their social media posts.
2. Large Display Screens can Lead to Inadvertent HIPAA Violations
Adnan Raja, the Vice President of Marketing for HIPAA-compliant web hosting solution Atlantic.Net, says HIPAA violations may occur when nurses are using screens to review private patient data.
"Large display monitors may be able to simplify your nurse's tasks," says Raja, "but if they're making patient information visible to unauthorized and untrained staff or other patients, compliance will become an issue."
Ways to keep this type of HIPAA nurse violation case to a minimum include using privacy screens over monitors to diminish the viewing angle and logging out of patient EMRs when you leave the work area.
3. Discussing Medical Issues with a Patient with Visitors Present
Risk management and patient safety specialist, John West teaches courses on key legal topics for healthcare providers, and he says,
"Providers sometimes walk into a patient's room in which a number of people are present and assume that they can discuss the patient's medical condition in front of these visitors without first ascertaining whether that assumption is correct."
Nurses should ask patients if they can discuss their condition or ask visitors to step outside during the conversation or any exam to avoid HIPAA breaches.
4. Asking Someone Who isn't Your Patient About their Healthcare
Asking your neighbor how they feel after their latest surgery might seem like a polite and caring thing to do, but as a nurse, it depends on how you found out about the procedure.
Shanna Shafer, BSN, of BestNursingDegree.com, says a common HIPAA violation "can happen when a nurse finds that someone they know is being admitted to a health care facility. . .or has an appointment. . ." within the course of their work.
If the nurse sees that person out walking their dog and asks about the procedure, that's a HIPPA violation. And it's certainly a nurse HIPAA violation if you discuss something you learn about a patient because of your job with a third-party or friend.
5. Discussing Patient Information with Your Coworkers
Even talking about your patient or case with coworkers isn't always on the right side of HIPAA laws.
Healthcare information is typically considered to be on a need-to-know basis, which means you should only discuss the case with other providers who need the information to do their jobs.
And even if you're talking to the right people, be careful where and how you talk. West notes that talking too loudly in the patient's room with the door open can lead to inadvertent disclosures to people passing in the hall, for example.
To avoid HIPAA violations, avoid using loud voices and keep discussions to private areas whenever possible.
It may seem like an impossible task, but a bit of forethought and care can keep you from breaking HIPAA laws and facing potential consequences.
The expert advice all seems to add up to one thing: think before you speak, share information or snap a picture to safeguard patient privacy.
Additional Nursing Resources:
- AMN Passport: Our all-in-one nursing app for booking nursing jobs.
- Nursing Salary & Benefits: AMN Healthcare offers our nurses some amazing salaries and benefits. Find out what's in store for your nursing career today.
- Travel Nurse Licensing: Find out about nursing requirements for all 50 states.
- Exclusive Facilities: AMN Healthcare has relationships with the most sought-after healthcare providers.
- Refer-a-Friend: Make up to $2,000 per referral.