Disasters and HIPAA

HIPAA, the patient health privacy law, is not only a medical/writing hot topic, but evidently a social media one as well.

Here at Redwood’s, I’ve blogged A LOT about HIPAA and writers violation of the act. You can read some of those posts by following the links: Part I, Part II, and Part III.

Let’s look at a recent example that was social media focused and revolved around the Moore, OK F5 tornado that struck on May 20, 2013.

People, in general, want to be helpful. That’s one reason why social media is becoming an avenue to try and locate lost loved ones. You’ll see missing children posters and even teens/adults posting pictures in hopes of finding biological parents that may have adopted them out.

During the crisis in Moore, an “ad” (poster, plea– whatever you’d like to call it) was put up on Facebook stating that a child had been found and said child was located at the hospital and gave the hospital’s number.

What surprised me, honestly, was the backlash of some against this photo decrying a HIPAA violation.

Umm. . . well . . . no. I don’t personally believe so.

In order to have a full fledged HIPAA violation, medical information has to be disclosed with a patient’s name. Since the sign had absolutely no medical information— there was no violation. Even if it had said the child was a patient (which is did not)— there still wouldn’t have been a violation because it didn’t disclose treatment and/or diagnosis.

This is really no different than calling up the ER and asking— “Hey, is John Doe a patient there?” Giving a patient location is not a HIPAA violation. Saying, “Oh, Yea– Johnny is here and let me tell you— he’s not feelin’ that broken femur after his blood alcohol came back at 0.5” is clearly a violation because you’ve disclosed sensitive medical information.

But I digress.

See the difference?

Let’s cut people some slack– particularly when a disaster strikes their communities. Recognize the heart of what they were trying to do— get parent and child back together.

And let’s all continue to pray for this community.

Author Beware: The Law– HIPAA (3/3)

Today, I’m concluding my three-part series on the HIPAA law. I’m going to focus on how I’ve seen it violated in published works of fiction.

Image by Neven Divkovic from Pixabay

Situation 1: A hard-nosed journalist makes entry into the hospital and begins asking the staff about a current patient. One nurse pulls him aside and gives him the information. This is a clear violation of HIPAA. All media requests will go through the public relations office. For any information to be released, the patient needs to give their permission.

Situation 2: A nurse on duty calls her friend and notifies her that another victim involved in a crime spree, that her sister was a victim of, is an inpatient at her hospital. Again, unless that person has provided direct care to the patient or the patient gives their consent for the information to be released, the nurse is in violation of HIPAA. However, the author of this particular manuscript handled it well. At least she had the character divulge that she could get in “big trouble” if upper management found out what she’d done. Think back to Brittney Spears in Part One of this series.

Situation 3: A small town high school mascot falls ill on the field during a football game and is rushed to the hospital. A paramedic takes him to the ER. When the paramedic’s wife arrives, she inquires about his condition. The paramedic/husband tells her what the doctors found. Again, the wife is not providing direct medical care to the patient. This paramedic has violated the patient’s HIPAA rights by divulging this information to his spouse. Now, I understand, in small towns– this information may “leak out”. A better way for the author to have handled this would have been to have the wife of the fallen mascot tell this woman what his diagnosis was. HIPAA doesn’t apply to family members and they can willingly share information with who they wish. That may not make the patient very happy— ahh . . . another area of conflict!

Have you seen HIPAA violations in works of fiction that you’ve read?

Author Beware: The Law– HIPAA (Part 2/3)

Situations involving minors can be an easy way to increase conflict in your manuscript. Here is an easy area to use.

Minors presenting to the ED for evaluation of a pregnancy or STD related complaint.

Here’s a set-up. Mother brings her 14 y/o daughter in to “get checked for pregnancy”. Okay, great. Already we have inherent conflict. After all, if the daughter was in agreement about allowing her mother to know this information, they could have done a home pregnancy test and matter solved.

At times, parents will bring their children to the ER thinking that, because they’ve signed them in as a patient and they’re the parent, we’ll have to do as they ask and they’ll learn the information that way.

This isn’t the case. Will we do the pregnancy test? Maybe. The patient has to be willing. Will we relay the pregnancy test results to the parent? If the 14 y/o patient says “no” then we will not.

Most states have laws surrounding minors and issues related to pregnancy or STD’s is protected information and can only be released to the patient. Depending on the state, the cut-off is 13 or 14 years. This is different from us giving information about a follow-up culture for strep throat.

I’ve had parents call back for these types of test results. Nope, can’t give you the information.

Another area is that minor patients can sign themselves into the ER without parental consent for these matters as well. Generally, for all other conditions, we have to make attempts to get the parent on the phone for verbal consent witnessed by two individuals.

What do we do?

As healthcare providers, we really do try and facilitate open dialogue between the parent and child. We’ll sit with the 14 y/o daughter privately and go over why it would be best for her to share this information, regardless of the results, with an adult.

Can you think of other healthcare situations involving minors that could be high areas of conflict?