• E-mail
• Print
• RSS

Avoid a HIPAA emergency in the ED

Compliance Monitor, May 31, 2006

Want to receive articles like this one in your inbox? Subscribe to Compliance Monitor!

Although one of the goals of HIPAA is to protect patient privacy, the regulations should never get in the way of patient care-especially during emergency care. Prevent this by establishing appropriate policies and procedures that allow emergency department (ED) staff to focus on caring for their patients while still complying with HIPAA, says Kelley L. Meeusen, RHIT, former compliance coordinator and privacy officer at Harrison Memorial Hospital in Bremerton, WA, and health information management (HIM) distance learning instructor at Tacoma, WA, Community College.

Consider taking steps to address challenges in the following areas:

• Infrastructure
  In an ED, there are people everywhere, says Meeusen. "There's the hustle and bustle, patients in the halls waiting to receive care, limited space, alcoves with curtains, and visitors and family members. It's not an environment [that is] conducive to privacy." You should take reasonable steps to mitigate this risk, he adds.

  At Southern New Hampshire Medical Center in Nashua, staff recently moved into a new ED, which eliminated privacy concerns, says Privacy Officer and Director of Health Information Services Sharon Busler, MHA, RHIA. "It's not as open as the old ED-there are more separate rooms instead of just curtains between beds."

  Busler also spends a lot of time talking to staff and conducts ongoing audits of the environment in the ED, which allow her to identify risk areas and take appropriate action. For example, she noticed that passers-by could potentially read patient names on bed monitoring systems if staff did not hide the column with that information. She then instructed staff to be more vigilant in doing so.

• Incidental disclosures
  Jim Kelly, privacy officer and emergency medical services (EMS) field coordinator at Chesterfield, VA, fire and EMS, doesn't have the luxury of being in a controlled environment such as an ED. He and his staff have to work constantly to avoid incidental disclosures.

  "One of our major challenges is bystanders," he says. "We expect some incidental disclosures, but you have to take reasonable steps to avoid them-for example, asking bystanders to walk away and being cautious of nosey neighbors." And once in the ED, Kelly and his staff must do their best to ensure that other patients and visitors can't overhear hospital staff briefings.

• Law enforcement encounters
  Throughout the hospital, the ED has the most encounters with law enforcement, says Meeusen. And there are often a multitude of state and federal regulations for staff to consider before disclosing any information. For example, there are more than 40 state and federal statutes in Washington.

  Southern New Hampshire Medical Center instructed staff to refer investigative requests to the HIM department, says Busler. "We're a trauma center, so we deal with law enforcement quite a bit. But ED staff shouldn't have to make those decisions. HIM deals with requests for information every day and is better equipped to handle them." The organization took its efforts a step further by participating in a seminar with local and state police departments to go over the guidelines for disclosing PHI. The seminar helped clarify the rules and built on an existing strong relationship with local law enforcement officials, says Busler.

• Media requests
  If law enforcement officials are in the ED, members of the media will be right behind them, says Meeusen. And if you're dealing with public figures, even more people will want to know what's going on, he says. Harrison Memorial Hospital designated media representatives to handle all media requests, and the group of decision-makers who handled law enforcement requests also became involved. "It was a service to patients as well as staff. It allowed them to hand off the responsibility of dealing with the media to others," says Meeusen.

Adapted from "Avoid a HIPAA emergency in the ED," Briefings on HIPAA, April 2006.

Want to receive articles like this one in your inbox? Subscribe to Compliance Monitor!

• E-mail to a Colleague
• Print
• RSS
• Archive