# Is this a HIPPA Violation?



## sambone (Jan 3, 2008)

I work in a rural community hospital HIS dept. One of the clerical staff reads medical records aloud to other employees in the department, makes comments on the content.  One of the records belonged to a fellow co workers mother who had come into our ER and expired. The second incident recently was a gunshot wound.  This staff member seeks out these records and reads them with great relish, asking some of the nurse coders what certain diagnoses mean.

This has been reported to the departmental manager who also happens to be the compliance officer.  The HIS member who first reported these incidents was told, "oh I know she reads the records."  The second incident was reported by another department member who heard the information second hand.  She was advised by the manager, "The person who hears this should report it to me."  

My question is this, is this inappropriate behavior as the member reading the records does not have a 'need to know' this information. Her position is clerical and her duties include putting records together and in order.

Should we be concerned? If so where do we go with this from here?
Any input would be greatly appreciated.


----------



## cconroycpch (Jan 3, 2008)

This certainly is a HIPAA violation.  Any person with access to confidential information needs to treat it as such.  Any breach of that needs to be reported to the HIPAA compliance officer.  If you do not see the compliance officer take any action, it doesn't mean that no action is taken.  The compliance officer should speak with the individual privately to resolve the matter.  If you witness further HIPAA violations, speak with, or even better, send an email to the HIPAA compliance officer to start a paper trail.  Only state facts in the email of what you witnessed and ask what, if any, next steps you should take.


----------



## mmelcam (Jan 3, 2008)

I agree, this is a HIPPA violation. This should be reported to your HIPPA compliance officer.


----------



## mcpalmeter (Jan 3, 2008)

*Is this a HIPAA Violation?*

Hi.

It absolutely is a HIPAA violation.  If this issue has been reported to the supervisor who is also the HIPAA compliance officer and the behavior is not being addressed (to your knowledge) or the behavior continues, then the concerned employee who has witnessed this behavior could certainly report the problem/file a complaint with the Office for Civil Rights.  

The website is www.hhs.gov/ocr/hipaa

The website gives instructions on how to file a complaint.

Best Regards,

Maryann C. Palmeter, CPC


----------



## kevbshields (Jan 3, 2008)

Your facility should have a "Compliance Hotline" for anonymous reporting of such incidents.  While I feel it is absolutely an issue of professionalism (or lack) and privacy/compliance breech, I'm not sure it violates HIPAA.

Your employee is a member of HIS; his/her responsibilities and rights allow access to sensitive information, but that does not warrent the employee openly discussing record content, patient information/diagnoses and evidently does not relate directly to his/her job duties.

Consider placing the call and leave it at that.  If the incidents continue, the employee may find him/herself looking for a new career path.

Good luck and I'm sorry to hear you have to be exposed to such a level of incompetence from this fellow worker.


----------



## sambone (Jan 10, 2008)

*Compliance issue with fellow co worker*

My sincere thanks to all who responded to this problem.  I have long felt this was an issue and the other coders agree. We will take the appropriate action.


----------

