Guidance for Nurses: Five Essential HIPAA Compliance Tips

The rules and procedures created by a nurse’s employer to adhere to the Health Insurance Portability and Accountability Act’s Administrative Simplification Regulations, are known as HIPAA in the nursing field. In this article we will outline a few examples of HIPAA violations by nurses. 

Illustrative Examples of Nurses’ HIPAA Violations

Example: Nurses Violating the Minimum Necessary Rule

Diane Hereford was let go from the Norton Audubon Hospital in 2015 due to a suspected breach of HIPAA. The complaint was brought by a patient who claimed that Hereford had violated the HIPAA “minimum necessary” criterion. The patient was having an echocardiography while receiving treatment in a private room behind a curtain when the alleged infringement occurred.

Hereford made sure the patient was aware of what was going to happen before beginning the treatment. She went on to advise the other two medical personnel there to wear gloves because the patient tested positive for hepatitis C. The patient claims that due to Hereford’s loud speech, everyone nearby, including other patients, could hear her.

Example: Nurses’ Social Media Vulnerability

A 21-year-old nurse’s assistant named Edward J. Melock uploaded pictures of an incontinent patient to Snapchat. The assistant gave up his license after entering a guilty plea to the charges.

Similarly to the above example, former certified nurse’s assistant Ericha Brown entered a guilty plea to a misdemeanor in 2013 after posting a video of a St. Anne’s Home patient being bullied. On Facebook, the video was shared.

Example: Nurses Accessing PHI Without Authorization

When it was found that several employees were accessing PHI, two Minnesota hospitals fired a considerable number of staff members in 2011. Two hospitals, Mercy and Unity, have admitted patients from a single occurrence in which partygoers were given synthetic medicines.

Many of the people who accessed the information had little real interest in it. 32 terminations occurred as a result of this in the two hospitals.

5 Tips on HIPAA compliance for nurses

1. Recognize the components of PHI – PHI is defined as any health information that is “individually identifiable” and is covered by HIPAA regulations.
2. Secure Electronic Devices – When accessing patient information on any device—including tablets, computers, and cell phones—nurses should proceed with utmost caution and utilize password security at all times.
3. Prompt disclosures – You should report any violations or breaches, regardless of how small, via the proper internal chain of command.
4. Learn about Appropriate PHI Disposal Techniques – Nurses need to know how to properly dispose of paper records and electronic media that include PHI. Some recommended practices include placing paper documents in a special container for destruction or shredding and utilizing software to regularly remove sensitive data from devices.
5. Never divulge your login credentials or password – Passwords and logins for devices and systems containing PHI should belong to nurses. Since these credentials are used to both track your activity and grant access to patient data, they should never be shared with anybody.

Because nurses who violate their employer’s HIPAA policies and procedures risk consequences ranging from a warning for minor infractions to contract termination and license revocation for more significant or persistent violations, HIPAA is crucial to the nursing profession.