Ryan Gray, MD, is a former Air Force Flight Surgeon. He is now helping premed students overcome obstacles on their journey to become physicians at the Medical School Headquarters.
The Health Insurance Portability and Accountability Act (HIPAA) started out as a good idea. But, many medical professionals have started to read too far into HIPAA, making doctorsâ€™ jobs more difficult and, in some cases, affecting current and future patient care.
The Health Insurance Portability and Accountability Act (HIPAA) started out as a good idea. But, many medical professionals have started to read too far into HIPAA, making doctors’ jobs more difficult and, in some cases, affecting current and future patient care.
Although HIPAA prohibits the disclosure of certain sensitive information, other information can be released without the patient’s consent as long as the patient is made aware of the disclosure policy. This is why many doctors and hospitals now have their front-office staff members hand out “privacy policies” for patients to read and initial or sign.
Often on advice of legal counsel, some medical professionals interpret HIPAA to mean that they cannot disclose ANY patient information, even when it is in the best interest of the patient (thank you legal team!). Failure to release germane medical information to other health care professionals about the treatment of patients is a serious hindrance—not only to quality patient care, but to continued learning within the medical community. I think the continued learning part is one of the biggest threats to patients that comes from HIPAA.
Consider this scenario: An EMT wants to follow up with a hospital physician on the outcome of a patient that he transported. The EMT wants to get feedback and make sure that he followed appropriate care protocols. The hospital physician says that he cannot discuss the patient’s case, citing HIPAA. If the EMT is unable to get this information and receive feedback, he will not be able to determine whether the care he provided was effective or apply what he learned to his next patient with a similar medical issue.
Let me make this clear — healthcare providers ARE ALLOWED to disclose this type of information to other providers that have treated the same patient.
HIPAA, although well-intentioned, has created a culture of paranoia in which a medical transcriptionist can face serious career repercussions for accidentally sending patient information to the wrong doctor and medical professionals are afraid to communicate with each other in cases that involve multiple patients, such as transplants or infectious disease outbreaks.
I remember when I copy/pasted from one system we used, to another system — and pasted to the wrong patient! I was told it would cost about $3500 to expunge the record – even though I never saved anything. The mere fact that I had typed something, I was caught!
In addition, medical professionals also feel that they must tread carefully when discussing a patient’s care and condition with his or her family. Some hospitals enforce rules making one family member the sole point-of-contact for all patient updates, which places an undue burden on that individual and may cause issues in blended or divorced families.
Health care facilities—hospitals and surgical centers in particular—have had to bear the burden of redesigning waiting rooms with separate family conference areas, implementing numbering systems for surgical patients and enforcing other policies to protect patient privacy. The funds and personnel resources devoted to implementing and enforcing these changes could have been redirected into patient care, research and education.
And, double-occupancy hospital rooms cause nurses and doctors across the country to start shaking in their scrubs for fear of a HIPAA lawsuit.
More training and dialogue is needed to properly inform medical professionals—including doctors, nurses and office staff—about the proper application of HIPAA provisions. Of course, in the age of data breaches and identity theft, it should be a priority to protect privacy of sensitive information. However, the ethical code of medical professionals already promotes patient dignity and privacy.
Legal teams need to let doctors and other providers do their job without the constant threat of what a HIPAA violation may bring.
A thorough understanding of HIPAA and a dash of common sense will go a long way toward minimizing the negative impacts to patient care and ongoing learning.