childayParticipantStatus: PhysicianPosts: 1097Joined: 01/09/2016Not long ago I had a HIPAA compliance officer from a hospital come in as a patient.Click to expand…
The fact that hospitals even have such a ridiculous “officer” says a lot about what is wrong with healthcare these daysBrains428ParticipantStatus: PhysicianPosts: 482Joined: 11/09/2017
Does ICB dictate his responses?
The attempts at prompt messaging have been a failure, IMO. My previous hospital required us to purchase iPhones (as residents and fellows) to have the required app. If you wanted to opt out, fine, but they would still take the $600. Additionally, the numbers on the phones were abandoned numbers from previous owners, so you’d get all sorts of random texts from people.
The app needed was downloaded and used by my person iPhone, and was not proprietary to the specific phone the hospital they got us. I carried 2 phones for a year as a fellow and sold the second “burner” phone the second I was done.
I’ve facetimed my colleagues in other parts of the country various cases to get their opinions. I’m not sure if it’s a violation since it’s not a 15 factor identification and firewall…August 16, 2019 at 10:14 am MST #239329GhettoParticipantStatus: PhysicianPosts: 126Joined: 08/13/2017
The thing to remember with HIPAA is that you just need to train your staff to do their reasonable best. It doesn’t have to be perfect.
Clipboards/charts and results sheets or faxes should be face down/away on countertops or exam room doors… that doesn’t apply to private doc offices/desks or nursing areas. You should call waiting room patients by first or last name (not both) or can avoid name if the assistant knows the return patient by face. You should refer to patients by room or bed number or other non-name identifiers when in the hall, on rounds, at desk near other patients, etc when you are communicating to staff who needs injection or xray or whatever. Info or results should not be given out on the phone and you shouldn’t even confirm that the patient name is seen at your office unless it is the patient themselves calling. Try a sticker sheet for the sign in, use a ipad, or have your desk girls black out names as they register them. Shred all papers with patient names on them. What the rep was telling OP is pretty much common sense these days; she wasn’t being nitpicky… although maybe her delivery of the info came off that way to someone ignorant of the requirements. Again, you don’t have to do perfect, just aim to use common sense and not flaunt patient names or other ID info. I would fully agree with her that face up/out clipboards or charts needs to be fixed asap, though.
…Our profession is so old and so red-taped with attorneys and admins and biz and govt and financials and tech and everyone else trying to get a piece of the pie that it is highly inefficient and minimally profitable anymore. It’s sad. All you can really do is try your best to comply in basic terms and transcend the nonsense documentation, consent, privacy, coding, accessibility, conduct, ever changing tech, etc etc etc requirements and manuals which are often thicker than phone books. Take better care of your patients than your notes is all you can do.
It’s all just a game. A box to check and move onClick to expand…
Basically, yes^Click to expand…
Our policy is to just refer to the patient by last name: “Mr Jones?” (Relax, not a real patient)
If someone asks for their name to be kept confidential then we’d do it. Not one patient has asked. Ever.
Again, I’m not turning patient charts around in racks in my dermatology office when hospitals have multiple inpatients in the same room and ERs and ASCs have bays separated by curtains, etc. How is a doctor speaking to a hospitalized patient with another patient and family in the room not a huge HIPAA violation? That happens thousands of times a day. Why do dentists and orthodontists routinely have plate glass windows in which patients are on full view of people in the parking lot?
If that’s ever changed then I’ll take seriously privacy concerns that someone might see a patients name in a chart rack in my office.ZaphodParticipantStatus: Physician, Small Business OwnerPosts: 6339Joined: 01/12/2016Click to expand…
Our policy is to just refer to the patient by last name: “Mr Jones?” (Relax, not a real patient)Click to expand…
Lol.hatton1ParticipantStatus: PhysicianPosts: 3128Joined: 01/11/2016
HIPAA = STUPID….. Does anyone see a correlation between the nursing staff not knowing patient names and medication errors? Making it harder to learn patient names is a backwards step.
I blog at http://doctoroffinancemd.com/DusnParticipantStatus: PhysicianPosts: 199Joined: 01/02/2018
Agreed. Meanwhile the only people that I really don’t want to have my health information (insurance companies) already have it and apparently can easily share that health information amongst themselves and with future insurance companies that I may want to buy a policy from.August 18, 2019 at 9:21 am MST #239599DusnParticipantStatus: PhysicianPosts: 199Joined: 01/02/2018
Also I think COBRA coverage (which I’m glad for) was supposed to be the main purpose of HIPAA originally. That P stands for “portability” not privacy. I’m not sure how all the excessive privacy regulations got wrapped into it or if they are really even part of it or are made up by “inspectors” who don’t actually know the law.Vagabond MDParticipantStatus: PhysicianPosts: 3486Joined: 01/21/2016
Agreed. Meanwhile the only people that I really don’t want to have my health information (insurance companies) already have it and apparently can easily share that health information amongst themselves and with future insurance companies that I may want to buy a policy from.Click to expand…
Not only that, the insurance companies seemingly routinely have major security breaches that allow all of that personal information to be available to hackers and the hackers’ clients. Me sending a text of an unusual case to a colleague is not going to put anyone in privacy danger, but it might get the patient a more informed and precise diagnosis.