Hey Baby, You Look Sexy In That C-Collar

[DwayneEMTP]

No Mike, I think we're on the same page. The problem arises for me in how he obtained the information, certainly, but also in how he used it.

I've been over and over HIPAA and can't find any place that it claims that he used it improperly according to HIPAA law. Had he left a message saying, "Hey! This is mike. I was just calling to check on your ankle." Then he's screwed as we have no idea who has access to that message with obvious medical information on it on the patients personal answering machine.

But change it to, "Hey, this is Mike! We met the other day? Would you like to have some coffee sometime?" And he's now used information that he had a legal right to collect to make a call that didn't violate any HIPAA rules.

It seems that so many have been claiming that every patient privacy issue is actually a HIPAA violation for so long that now they're having a hard time letting that go.

If this was any other medical conversation it would go, "So you say that hyperventilating the head injury patient is once again the standard of care? Could you site that for me?" And that would be the end of it.

Yet in this thread I'm willing to bet that I've asked those that are claiming that I'm wrong nearly a dozen times to please quote the language that makes me so and not a single person has done so, and yet still feel comfortable stating their arguments as fact. I can't remember the last time that 'Because I say so' was considered proof at the City, yet where HIPAA is concerned that seems all that is considered necessary by most.

Not counting your arguments Mike, making the above point is separate from my response to you. It's obvious that you are exploring possible options and logic trees instead of stating unsupported ideas as fact.

Wendy, I'm not being a Nazi at all. She continues to state her thoughts as facts, and if you remove the fact that they happen to be patently bullshit, I've asked over and over for her to back them up and other than posting a bunch of random Google shit that had nothing to do with the issue, she's made no attempt to do so.

Speaking of random shit (said with love too of course :-) )....I just breezed over the links you posted, but other than containing the acronym HIPAA a few times, I could find no way that they related to this discussion. I'm not pretending I didn't miss it, but if so could you cut and paste?

Dwayne

[paramedicmike]

But change it to, "Hey, this is Mike! We met the other day? Would you like to have some coffee sometime?" And he's now used information that he had a legal right to collect to make a call that didn't violate any HIPAA rules.

He only had a legal right to collect and use the information in a professional setting. The moment he steps out of that professional setting and uses that same information is when the violation takes place. By calling and asking for coffee he is improperly using the information as it has no bearing what so ever with regards to the reason for collecting the information.

The language that covers this is included in the link Ruff posted. I don't think you're going to find anything that specifically says, "You can't use a legally collected phone number to ask a former patient out on a date". What I think you're going to find, though, is language that limits the use of of properly collected patient information. Asking a patient out on a date, no matter if it was a legitimate QA follow up call or not, is improper use of the information.

And that's exactly what the lawyers would argue should the lady in question have chosen to pursue this legally.

[Eydawn]

You didn't read? Really? It's all about the ethics of privacy and confidentiality in the healthcare setting. It doesn't have to qualify as a true HIPAA specific violation to get you shitcanned or otherwise in a world of hurt. This article specifically speaks to the use of social media, but covers pretty heavily the ideas of privacy, confidentiality and boundaries between patient and provider. Don't just skim- go back and take a good read, especially of the scenarios.

"Improper use of social media by nurses may violate state and federal laws established to protect patient privacy and confidentiality. Such violations may result in both civil and criminal penalties, including fines and possible jail time. A nurse may face personal liability. The nurse may be individually sued for defamation, invasion of privacy or harassment. Particularly flagrant misconduct on social media websites may also raise liability under state or federal regulations focused on preventing patient abuse or exploitation. If the nurse’s conduct violates the policies of the employer, the nurse may face employment consequences, including termination. Additionally, the actions of the nurse may damage the reputation of the

health care organization, or subject the organization to a law suit or regulatory consequences."

"Maintain professional boundaries in the use of electronic media. Like in-person relationships, the nurse has the obligation

to establish, communicate and enforce professional boundaries with patients in the online environment. Use caution when

having online social contact with patients or former patients. Online contact with patients or former patients blurs the

distinction between a professional and personal relationship. The fact that a patient may initiate contact with the nurse does

not permit the nurse to engage in a personal relationship with the patient."

This scenario here really hits it for me-

"Jamie has been a nurse for 12 years, working in hospice for the last six years. One of Jamie’s current patients, Maria, maintained a hospital-sponsored communication page to keep friends and family updated on her battle with cancer. Jamie periodically read Maria’s postings, but had never left any online comments. One day, Maria posted about her depression and difficulty finding an effective combination of medications to relieve her pain without unbearable side effects. Jamie knew Maria had been struggling and wanted to provide support, so she wrote a comment in response to the post, stating, “I know the last week has been difficult. Hopefully the new happy pill will help, along with the increased dose of morphine. I will see you on Wednesday.” The site automatically listed the user’s name with each comment. The next day, Jamie was shopping at the local grocery store when a friend stopped her and said, “I didn’t know you were taking care of Maria. I saw your message to her on the communication page. I can tell you really care about her and I am glad she has you. She’s an old family friend, you know. We’ve been praying for her but it doesn’t look like a miracle is going to happen. How long do you think she has left?” Jamie was instantly horrified to realize her expression of concern on the webpage had been an inappropriate disclosure. She thanked her friend for being concerned, but said she couldn’t discuss Maria’s condition. She immediately went home and attempted to remove her comments, but that wasn’t possible. Further, others could have copied and pasted the comments elsewhere.

At her next visit with Maria, Jamie explained what had happened and apologized for her actions. Maria accepted the apology, but asked Jamie not to post any further comments. Jamie self- reported to the BON and is awaiting the BON’s decision."

The point I'm trying to make here is it doesn't even have to be HIPAA itself that we worry about- there's a whole HOST of confidentiality based issues to worry about. We just focus on HIPAA because it's well publicized. Do we lump too much under it? Sure, but privacy issues are privacy issues, no matter what name we decide to tag them with.

Wendy

CO EMT-B

[DwayneEMTP]

Yeah Wendy, I get that there was a bunch of stuff in there regarding patient privacy and policies regarding them, many that may or may not get this douche jammed up.

But the ongoing conversation, for pages and pages now has been specific to HIPAA. The challenge wasn't to show that there was 'some way' that he could get jammed up, but to prove that he can get jammed up in regards to HIPAA by posting the relevant language that would do the jamming.

Mike, Ruff's link went to a huge summary of HIPAA. If it can be proved, I'm sure it's in there somewhere. Could you be more specific?

Ladies and gentlemen. This really takes me back to the thread about removing people from their homes against their will. I asked for the legal reasoning used to justify that and the argument that won the day was, "I'll just take them. Everyone knows it's ok." followed by about a hundred resounding comments of, "Yeah, that's right!"

Why does no one see a problem with saying, "This is what HIPAA covers and what it doesn't. I have no idea where it's covered or what it says exactly, but I know that it says something about it.That is my proof."

I'm truly confused by some of the smartest posters on the City being comfortable with that argument.

[paramedicmike]

You'll have to give me some time. I'm working tomorrow.

[akflightmedic]

I am with you Dwayne and glad you have kept up on this point. I haven't had time but from the very beginning I stated and continue to state this has absolutely nothing, zero to do with HIPAA. This is the focus of the conversation. All the tangents of patient privacy, ethics, "could possibly get jammed up" are bull shit tangents.

If you are gonna claim HIPAA, I want to see exactly which part of HIPAA you are using to justify your point. In my non-legal opinion but heavy personal review of HIPAA, I do not see this as a violation. The burden of proof is not on me to display as we do not prove negatives. It is those in the affirmative who religiously stand by their HIPAA statement who must demonstrate proof/evidence...much like another favorite subject of mine (whistling now). :)