All patient information is federally protected by the U.S. Department of Health & Human Services under the Health Insurance Portability and Accountability Act (HIPAA). This act also outlines security rules and procedures of how healthcare practitioners including nurses should handle personal health information.
What Patient Health Information is Protected by Federal Law?
- Medical records detailing information entered by nurses, doctors and other health care practitioners.
- Conversations that the patients have with their doctors in regards to treatment.
- Billing information issued in a hospital or clinic
- All health information whether it was recorded or communicated orally.
There are several measures that nurses can take to ensure that they do not violate the HIPAA laws and regulations with regards to dealing with patient information.
HIPAA Document Handling
While technology has changed the way we store information, there is still a lot of paperwork involved in medical records. In most cases, patients insist on printed lab results. Lots of patient information is also stored on hard copy. HIPAA rules need to be upheld when handling paperwork. Papers, files and other hard copy documents should not be left idle in the nurse’s desks. Instead, nurses should ensure that these documents are stored when they are not in use. In addition to this, patient information filed in storage rooms should be only accessed by authorized personnel.
HIPAA Regulations for Access to Electronic Systems
The digitization of patient information has led to more efficiency when handling or retrieving this information. This information can also be transferred easily from one healthcare practitioner to another. However, electronic systems also present several challenges in keeping the information confidential and secure. Patient information can be displayed on desktop monitors, on laptops and several other device screens. This makes it easy for data theft or what is commonly referred to as visual hacking. Again, one can easily take a screenshot from a monitor in a matter of seconds. HIPAA standards stipulate that patient information should only be accessed by authorized personnel. The same information must also be protected from hacking and other unauthorized intrusions. It is highly recommended that your medical office implement HIPAA compliant hosting for your website, cloud document storage, and online patient record keeping. Privacy filters can also be used on devise screens to reduce the potential for the data being seen from a side angle.
HIPAA Standards for Situational Awareness
In order to remain compliant with HIPAA standards, healthcare practitioners should practice situational awareness. Nurses and other healthcare providers need to consult and discuss patient information. However, they should privately do this to avoid disclosing patient information third parties. Hospitals need to have procedures and standard protocol when discussing patient matters. This should include, speaking quietly especially when in a public area.
Penalties for HIPAA Violations
Intentional and serious HIPAA violations can lead to disciplinary action. This includes termination for malicious cases. Termination could mean that the nurse loses their current and future employment benefits. This makes it hard for a nurse to find employment elsewhere. In light of this, nurses need to remain vigilant when handling patient information. They must understand the HIPAA rules first and adhere to the set standards. Much of this will be covered in your CNA classes, however employers should also provide additional training on HIPAA rules to reduce the potential for legal liability.
Nursing Facts: Did You Know
Did you know that it is illegal under HIPAA regulations for a nurse to discuss a patient’s condition with their immediate family members, if the patient has not given consent or expressed a desire for the nurse not to share this medical information? Learn more about this and other specific HIPAA scenarios at HHS.gov.
