Health Information Management

Q&A: Is a written warning for a HIPAA violation considered retaliation?

HIM-HIPAA Insider, November 15, 2011

Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Q: We have a nurse who has twice mailed test results to the wrong patient. Both times the nurse failed to follow established policies to ensure that she mailed the test results to the correct person. The nurse feared that the patients would contact the practice, so she thought it best to report the incidents herself. Would issuing a written warning to the nurse for failure to follow policy be considered retaliation since the nurse did report the incidents?

A: No. Although we all make mistakes, if an employee doesn't follow established policy or procedure, especially repeatedly, disciplinary action is probably appropriate.
 
Of course, you must already have documentation on file that you have provided adequate training, reminders, etc., for all of your employees about these policies and why they are important.
 
Training is probably your most important responsibility as your organization's HIPAA privacy officer. Your HIPAA policies should also include sanctions for violations, the specificity of which may depend on the size and complexity of your organization.
 
It is admirable that your nurse reported herself for the error, and we should certainly encourage all our staff to report breaches (and any other mistakes) to us. This allows us to help ensure staff members follow policies and procedures to keep breaches from happening, and to work with us to investigate and mitigate damage if they do happen.
 
Our department had an incident similar to the one you describe. I suspect this type of mistake is quite common, and also quite preventable. To avoid it happening again, we require staff members to exchange mailings with each other and review them one last time before sending them out.
 
Editor’s note: Chris Simons, RHIA, director of utilization management and HIM, and privacy officer at Spring Harbor Hospital in Westbrook, ME, answered the previous question in the November issue of Medical Records Briefing.



Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!

Most Popular

Related Articles