Travel Nursing Updated October 5, 2023

By Sarah Stasik

How To Address Breaches in Patient Confidentiality

What happens when a breach of patient confidentiality occurs? Patient confidentiality is breached all the time, often by accident, and nurses must know what to do when it happens.

Check out our guide to addressing a breach of patient confidentiality as a nurse.

How Often is There a Breach of Patient Confidentiality?

In a study published by BMC Med Ethics, researchers conducted 33,157 hours of observation in clinical environments and found that a breach of patient confidentiality occurred every 62.5 hours.

That's an average of around 2.5 breaches each week within the 1197-bed university hospital where the study took place.

While healthcare facilities typically require staff to go through annual training, and patient confidentiality is mandated by federal law, it's nearly impossible in the fast-paced environment of today's healthcare world to ensure zero breaches occur.

That's why hospitals and other facilities have procedures in place for addressing privacy violations.

Patient Confidentiality Laws Require Notification of Breaches

HIPAA laws require that breaches in patient confidentiality are reported. For nurses, that typically means reporting a breach — whether you or a colleague made it — to your nurse manager or a facility compliance officer.

Reporting is required whether or not the breach was an accident. Patient confidentiality laws may require that the breach be reported outside of the facility, and someone usually has to notify the patient or patients impacted by the breach.

Note that the nurse should not notify the patient about the breach. Most hospitals have a compliance or legal department that deals with issues such as a breach of confidentiality by nursing staff.

"Nurses shouldn't notify patients themselves," says former healthcare compliance officer Carol Johnson. "There probably needs to be an investigation. Someone in compliance or legal — often along with executive leadership — may decide how to handle the notifications."

Patient Confidentiality: Nursing Actions After a Breach

So, what should you do if you accidentally breach a patient's confidentiality or see someone else do so inadvertently or willfully?

1. Take immediate action to stop the breach if applicable

It may be appropriate to take an immediate step to ensure confidentiality isn't further breached. For example, if a coworker is discussing a patient with you and you don't have a professional reason to know about the case, remind them that patient confidentiality laws are in play and they should stop discussing the patient with you.

In the study published by BMC Med Ethics, around 54 percent of the observed breaches occurred as a result of consultation and disclosure of personal data — in short, they occurred when staff discussed patients with each other inappropriately.

2. Report the breach of patient confidentiality

"Nurses should pay attention to compliance training so they know what steps their facility wants them to take if they see a violation," says Johnson. "It's safe to say nurses should never just ignore the breach. That can make them complicit."

Johnson says to report the breach of patient confidentiality up the chain of command. It's usually appropriate for nurses to report to nurse supervisors or managers; they might also make a report to a department head.

If you're uncomfortable speaking to someone in your department — of if that person is the cause of the breach — speak to someone in the compliance department.

"Many facilities have special hotlines, internet portals, or email addresses for reporting issues," says Johnson.

"Some compliance reporting options even include anonymity for certain cases, but nurses shouldn't worry about their report being publicized. Compliance staff is usually trained to hold reports and investigations confidential."

What Happens when a Nurse Breaches Patient Confidentiality?

Cases are usually reviewed individually, and consequences can range from being talked to being let go. The severity of the reprimand usually depends on the size of the breach, the factors that lead up to it, and the intent of the nurse.

For example, a nurse in one facility reportedly reviewed the records of a patient who was also her neighbor. She had no reason to look at the records, but did so anyway.

Furthermore, she then confronted the patient in a waiting room to ask more about the procedure the patient was having. After an investigation, the nurse was fired because the facility involved felt this was a very severe breach of patient privacy.

"Nurses shouldn't worry they're going to get fired if they're doing their jobs as required and accidentally cause a breach," Johnson says. "Most hospitals don't jump automatically to the termination."

In fact, coming forward immediately with a report can mean a more positive outcome for nurses who make accidental breaches. Immediate reporting gives a facility an opportunity to correct an error before it becomes a bigger issue.

Nurses who make accidental breaches may be required to attend additional training. They could also face disciplinary action such as being written up or even suspended if the accidental breach was a result of a careless error or not following compliance policies appropriately.

The bottom line is that a breach of patient confidentiality is a serious occurrence in any healthcare setting. As a nurse, you are obligated to take care of the patient and maintain his or her privacy, and you can't afford to ignore a breach. Whether or not you caused it, reporting it is usually the best course of action.

Latest Blogs

Take the first step to starting your new career.

Authorized to work in the US? *
Job Type Interest *
Have you been on an Interim engagement with AMN before? *
Are you currently employed or on an active Interim engagement? *

How much notice would you have to give? *

What date are you available to start an Interim engagement? *

* Indicates Required Fields


I agree to receive emails, automated text messages and phone calls (including calls that contain prerecorded content) from and on behalf of AMN Healthcare, and affiliates. {{show_more}} I understand these messages will be to the email or phone number provided, and will be about employment opportunities, positions in which I’ve been placed, and my employment with AMN companies. See privacy policy or cookie policy for more details.

Complete Your Application!
AMN Healthcare NurseFinders logo
Continue to NurseFinders to complete your application and profile.