Understanding HIPAA laws

October 9, 2014

Article by Global Pre-Meds
Hospital doctor shadowing & global health experience programs.

See current opportunities

A surgeon with the Gap Medics students he is mentoring. The Health Insurance Portability and Accountability Act, more commonly referred to as HIPAA, was developed in part to ensure a patient’s right to privacy regarding his or her medical care. The act ensures information such as a patient’s illness, progress and treatment are kept confidential, but not all medical professionals understand what HIPAA involves.

Whether you are a medical, nursing, dental or physician assistant student, you need to have an understating of patient privacy laws, and HIPAA laws can get very complex. While you are a student, HIPAA compliance mostly comes down to knowing when and with whom you can share patient information.

Who can share information?

Patient information can be shared with other medical professionals who are actively involved in the patient’s care. For example, a nurse can share information with another nurse who will be taking over the care of the patient. Information can also be shared between people in different disciplines who are treating the patient.  For instance, a nurse can share patient information with a respiratory therapist who is treating the patient. As a student, you must follow the same privacy laws as the rest of the medical team.

What are examples of HIPAA violations?

HIPAA can sometimes be confusing, especially for students who may be new to the medical field. The following are examples of HIPAA violations:

-Snooping, which involves reading information about a patient when you have no role in his or her care, is a HIPAA violation.  

-Failure to dispose of patient information properly is also a privacy violation.  Patient information should always be shredded.  Most hospitals have a specific area where patient information can be discarded before it is shredded.    

Better to be safe than sorry

There are several things you should and should not do in order to avoid violating HIPAA laws. If you are unsure about something, ask a supervisor, preceptor or instructor. Remember that when you are in doubt, err on the side of caution. Hospitals take HIPAA violations very seriously. 

Don’t discuss patients in public areas, such as the cafeteria or an elevator. If you are sharing information with a clinical advisor or preceptor, make sure you are in an area away from visitors and other staff.

Avoid talking about patient cases to your family and friends. You may be super excited to tell your friends about an interesting case you had at the hospital, but try to restrain yourself. Sharing medical information about patients is considered a violation of the patient’s privacy.

Log off your computer when you are finished reading anything in a patient’s chart. A large majority of hospitals are transitioning to electronic medical records, which means you will likely be reading histories, reviewing labs and charting on the computer. When you are finished with your work, make sure you log off. Leaving a computer screen up that contains patient information for anyone to see is considered a privacy violation.

Never post anything related to patient care on social media sites. You may have been involved in an exciting code or cared for a patient in a gnarly accident, but never tweet, post or talk about it on social media sites. Doing so is a quick way to get kicked out of school.