As nurses, we love to share knowledge, experience, and our grief over patients we have loved and lost. It’s a way of bringing us together and being able to share with our loved one what we do on a daily basis, and how hard we work. Other professions do have standards and are careful about what they share about clients but for those in health care, it’s different and even scary to think about breaking HIPPA laws.
What is HIPPA?
HIPPA, otherwise known as the Health Insurance Portability and Accountability Act, was enacted by the Clinton administration to help limit the sharing of personal health information (PHI). So, for health care professionals specifically, this means you cannot discuss patients or details of patient care with anyone not specifically authorized by the patient. This means no visitors, no discussions with other nurses who aren’t caring for the patient, no discussions in public areas of the hospital, or elsewhere. Nothing can be communicated over the phone pertaining to the patient’s health information, and be sure to follow your facilities protocol for sending information over secured technology platforms, such as email and faxes.
How, as health care professionals, can you be compliant in this day and age where information can travel so fast? Here are a few tips to remember when you are working at a facility:
Avoid Discussing Patients in Public Spaces
It’s best to limit your discussions to private areas that aren’t easily accessible to the public. Do not assume that because a visitor is in the room, you can go ahead and share information in front of them. If you and another health care worker need to have a discussion, make sure it is away from the patient’s room and far enough away from any other employees or family members who could be lingering nearby. Also, it’s best to avoid discussing patients in such areas as waiting rooms, cafeterias, or out in the community. Save it for work in a private space.
Never Share Your Login Info
It’s a good practice to not share your login info to your computer or systems, anyway, but especially so where patient PHI is available. Also, be aware of where your mobile devices or laptops are located. They should either be on your person, within arms reach or in a safe location. Don’t leave them out and unattended, in the chance that they get stolen and all of your facility’s PHI is at stake. Make sure all devices are password-protected and don’t get into the habit of texting coworkers patient information from your personal cell phone.
Secure All Medical Records
Never leave medical records out in public or unattended. Be sure to limit distractions while filing and saving PHI to folders or sending emails. Have a system in place where you are double-checking your work, so that information doesn’t get into the wrong hands.
Avoid Using Social Media at Work
A quick snap of a selfie and a share could leave you and your patients’ privacy exposed. It may seem harmless to post a photo of you and your favorite patient, but people can easily piece together information they gather from a photo. The color of your scrubs can identify the floor you work on in most hospitals and in that case, the specialty you are in. Someone may recognize the patient and begin putting together a narrative that may or may not be true.
Also, if you are a blogger or like to vent on social media platforms, be aware that others may be looking back into older posts to piece information together. If a monumental, or tragic event happens at work that you need to share, it’s best to wait a few days for emotions to subside before posting.
Follow Document Disposal Protocol
Dispose of documents containing PHI according to your facility’s protocol. Your facility should have a policy in place for destroying PHI. Usually, material is pulverized, shredded, or burned. Ask a supervisor if you are unsure.
Trust Your Gut
Use your gut — if it feels wrong to share, it most likely is. Seek clarification from your supervisor before involving yourself in conversations or handling sensitive information.
While HIPPA laws are to be strictly enforced, they aren’t meant to scare you away from effectively doing your job. Keeping yourself informed on the best practices, and regularly checking yourself and your coworkers, will be the most effective way to keep everyone in check and reduce the risk for accidental sharing.
If HIPPA is for some reason violated by accident, it would be wise to share this information with your supervisor so that it is documented. As a health care professional, you are entrusted to maintain the privacy of patient information, and it is part of your job duties to keep that information from getting into the wrong hands.