Wednesday, December 5, 2007

short question/long answer


The response I get from readers about my work stories always interests me. I shouldn't be surprised really, because I know that the medical field holds a real fascination for a lot of people, myself included. Before I went to nursing school I read every medical book I could get my hands on, and even now I'm intrigued by a lot of the medical blogs. Maybe it's the commonality of the hospital experience, maybe it's the science geek aspect, perhaps it's simply the bizarre details of some of the stories all medical folk have to tell. I understand the fascination that has kept E.R on the air for half a decade and propels huge numbers of the new hospital pilots every year. I'm fascinated, too. It's why I do what I do.


So why don't I write about work more often?


It's a simple question. And there's a simple answer.


HIPAA.


Warning - Boring definition ahead: The Health Insurance Portability and Accountability Act. Enacted by Congress in 1996 as a broad spectrum health insurance reform that was supposed to revolutionize the industry. Under the wide umbrella policy was the Privacy Rule, which went into effect in 2003. This Privacy Rule is designed to safeguard the Protected Health Information (PHI) of patients being treated in a wide variety of settings. PHI includes anything that can be used to identify a patient or that person's health status. Some examples of this are medical records, payment history and provisions of health care. It's why in the U.S. you have to sign a privacy policy when you do anything medical, from getting your teeth cleaned to refilling your Viagra at the supermarket. It's your acknowledgment that you understand the policy (even if you really don't).


So, legal mumbo jumbo aside, what does this mean for healthcare workers? Simple again. (This one really is). We can't say a word about anything or anyone in any way that might identify that person to anybody. Period. We can't even verify if someone is a patient in our facility unless they give us permission to. In an emergent setting this can be really tricky.


If you do and you get caught? The fine is up to $25,000 for each infraction. And repeat offenders can be sent to prison. So let's say that you work in a doctor's office and your kid's teacher comes in with a sinus infection. You mention to another parent that the teacher isn't feeling too well and that parent tells the teacher they hope they feel better soon. Wham. That's a $25,000 violation. Told another person? $50,000. And so on and so on...


But wait. There's more. Workers are limited to what is called a Need to Know basis. This means we are only supposed to access the information we need to do our own particular job. So if Sue in Registration wants to check on a dietary order for a patient she admitted, she's in violation. If an intoxicated patient falls off the x-ray table and the radiology crew takes bets on his blood alcohol level and they actually go looking for it, they're in violation. Here's the one that kills me. If I admit a patient to the hospital through the ER and want to check and see how they're doing in the ICU, I could be in violation. Depends on what exactly I'm looking up and why. Leave a chart open with the patients name visible? Wham. Don't close out your computer screen and leave a mental health consult up for a passerby to see? Wham. You're in violation, baby.


Don't think it isn't being enforced either. When George Clooney was in a motorcycle accident in New Jersey in October, 27 health care workers were suspended for a month without pay for illegally accessing his medical records. Did they need to know? No? Wham. You don't have to be a celebrity, either. It happens all over the place. Now, did these people need this info? Of course they didn't. They were just being buttinskis. Some aspects of HIPAA make sense. But others...


This is an extremely loaded subject for anyone working in any capacity in the medical field, and if you get more than two of them together the conversation can get pretty intense. The basic premise isn't bad, but there are some serious problems with certain parts of it. One problem is that it's a confusing policy. Another is that some of the dictates are just plain stupid.


For example:


When I was working in a trauma ICU we had a young man Life Flighted in from a devastating car accident. (Flown in patients always get there before their relatives, even if their relative was with them when they had their accident). His mother was notified and then she called back (from Oklahoma - hours away) to frantically tell us that she was on the road and to find out how he was doing. I couldn't give her any information unless she had his code number to prove that she was legally allowed to receive reports on him. She didn't have the number, because you have to get it from the hospital to start with. If another family member had been there they could have given it to her, but no one else was there. She could have given me an "identifier" like his birth date and that would have satisfied the requirements. But his mother couldn't remember his birthday. (Don't sneer. It happens far more often than you'd think. Shock will do that to you). She was crying and screaming and praying - all at once. (And driving, let's not forget. Most likely speeding. On the interstate).


So here she is unable to get any information on her son. How badly is he hurt? Sorry, can't tell you. Is he alive? Sorry, can't tell you. Is he even at your hospital? Sorry, can't tell you. HIPAA, you know. Gotta protect that patient information. So I got her off the phone as quick as possible and patted myself on the back that no one was going to catch me giving out privileged information, right?


Sorry, can't tell you.


Here's another one:


This gangbanger gets his fool self all shot up and is on our unit. Twenty four years old, eight kids by six women. Now some of the women got along and some...didn't. The current lady (and the patient's mother) handpicked who could and could not get in to see this guy. We lost count of how many times security had to be called to our lockdown unit because of all the "babydaddy" fistfights going on right outside the door. Now this part of it could have happened quite easily before HIPAA. The problem was that his nurse had to walk past this bunch every time they left the unit and all these gals wanted to know how the man was doing. Sorry, can't tell you. I was taking an intubated, sedated patient with a massive head injury to CT and had one of these chicks try to jump on me over my patient because I wouldn't tell her anything. Security!


I could go on for days. I've got a million of 'em. But I'm going to go back to the original question.


So why don't I write about work more often?


And the straightforward answer is...because I'm afraid to.


I love my job. Let me repeat - Love. My. Job. All bitching aside, I could not ask to be in a better place. This is the sort of team environment people would kill to be part of. My co-workers are phenomenal, management is (so far anyway - knock wood) extremely supportive, our doctors are doctors I would want taking care of my own children in an emergency. That's about as high as my praise scale goes. But it's not a huge hospital and it really isn't a huge town. No one at work has a clue that I blog, and as much as I suspect that I'm not alone, it's not a subject that is ever discussed. This is why I never comment on medical blogs or try to link up with them in any way. It's a small world out there and I think a lot of them are under a lot of fire right now because of HIPAA. They all post disclaimers that supposedly cover them legally, but who knows?


I'm very careful with my work blogging. My stories are always true, but I do admit to changing things around just to cover my bases. If it isn't relevant to a story I'll sometimes switch the sex or age of a patient. I'll change any really distinctive physical characteristics. Unless it's something that has really bothered me, I'll change up the dates too. I may post on Sunday about something that happened on Wednesday and imply that it happened on Saturday. Do I really think in the great big blogosphere that someone will catch on to me? No. I never ever use anything that could identify a patient. Ever. My OCD is in high gear here.




But...I still don't think my hospital would take such a gracious view of it. We're a community hospital. The community wouldn't want to think some nurse was blogging about their ER visit.
This is also why I never post pictures of myself. (That and the guilt from all those computer screens worldwide cracking like eggs). It's really an interesting dilemma. If I ever did all of a sudden get a bunch of readers I'd be in trouble, because anyone who worked with me would be able to figure it all out. All the pieces are there now. And if I totally went insane and started listening to all you wackos lovely people who keep saying I should write a book, I'd really be screwed. I'd either need a really good lawyer or to only write about nursing in generic ways. I understand that the job is one of the more interesting things about me, so I do try to get in as much as I can. Believe me, I love writing them, too. I have several in the working stages now. I just have to cover all my bases every time I post one. I'm too old for prison and I don't have $25,000.


Man, can I ramble or what? What was the question again?


Sorry, can't tell you.

************************************************************************************
UPDATE: laurie just sent a really wonderful New York Times article about this situation. Here is the link to it if anyone would like to check it out. Thanks, laurie!

26 comments:

PixelPi said...

I hear you loud and clear. I transcribe reports from all over the hospital, including the ED, and we have the same problem with HIPAA.

First, let me make it perfectly clear that RC and I live in different states and work for different health care facilities and have never so much as shared our addresses much less toothbrushes.

I use the same rules you do, RC, in telling stories. I'll change name, date, gender, time of day, etc. But it's a little easier for me because I type between 20 and 40 reports a day. By the time I clock out, I couldn't tell you anything about a patient even with bamboo under my fingernails. Last year I typed 4299 reports. How much of that do you think I remember?

HIPAA also applies to us. For example, Mr. Pi had a kidney stone a long time ago. I could look up his record and see his lab work and the reports. BAM. $25,000. And no, RC cannot look up the lab results on Gumby when he comes in with a sprained knee from soccer practice. Just because you're the relative doesn't mean squat. Ka-ching.

But sometimes sentences come outof the dictator's mouth so darn funny that I feel comfortable posting it without any other info. It doesn't need any other info to be funny. I'll leave you with a HIPAA-proof example:

"The patient has a problem with running up to people and vomiting on them."

And believe RC (and me) when I tell you that if they catch you once, it's $25,000, but where I work, if they catch you once, you're fired. So you don't hear any medical stuff on my blog either.

ciara said...

well, i never really knew too much about hipaa UNTIL i tried to get reimbursed from my ex-husband's insurance for our oldest daughter's glasses. 'sorry can't tell you' makes me laugh. so you can bet your sweet bippy that i did NOT get reimbursed (200 bucks). but never fear, taking the ex back to court for an increase in child support also (and i didn't even ask for it)got it in my court order that either one of us have access to the other's ins info...so, if i call up asking about a reimbursement, they gotta tell me. life is sweet! lmao

Frances said...

Thanks for the post - really important things you are talking about.
Privacy - well it's double-edged, like gossip. We love gossip, but we hate to be gossipped about. We're fascinated by what happens to people in out-of-control situations, but we wouldn't want our private matters and health issues blared around. But not being able to talk about work is a difficult one. We need to off-load somewhere.

laurie said...

RC, did you read the new york times story a couple of months ago about how hospitals and doctors offices are being overly strict with HIPPA becaus they don't understand it? that health care workers are told don't say anything to anyone, when that isn't what the law says?

it was a pretty good story. had a case study about a woman who could not get any information on her mother (or maybe it was her mother-in-law) who was demented and in a different state. by law, she should have been able to, but health care workers are so afraid of that fine and of doing wrong, that they err on the side of caution and withhold information that they should give to families.

if you didn't see it, i'll try to find it for you.

i'm not saying that's what your hospital is doing; i'm just saying that apparently that law is not terribly clear and it has a lot of people afraid.

auntie barbie said...

I understand your situation perfectly. Before I decided to make construction management a career I was a foreclosure/bankruptcy supervisor for a large mortgage company. Privacy acts affected us as well. We were not allowed to give out any information without written and signed authority by the mortgagor of record. Try dealing with an irate wife whos name is not on the mortgage but just opened her husbands mail to find out she had 30 days to vacate her home. I had to actually fire someone because they violated the policy and we were sued by the mortgagor.

Jen said...

I understand the whole HIPAA thing, and I agree, there are good points and bad points to it. Being in the media, it's made it difficult for us sometimes when were trying to report how many injuries, who was injured, etc. But I wouldn't neccessarily want my info on TV, either. A double-edged sword, indeed. And who cares if you change up the info? The stories are still interesting and entertaining.

Kaycie said...

"That law is not terribly clear . . . ". Well, that is an enormous understatement. The people who wrote it don't know what the hell it means. The poor medical professionals are scared out of their wits because of HR people and lawyers. I know the type because I once was one. Be conservative and never, ever, say anything that puts you at risk of being sued. Which translates to: scare the pants off them so they'll tow the company line.

I was still working in HR when the HIPPA nightmare began. I was working for a small manufacturing concern where I was in charge of personnel, employee relations, workers' comp, compensation and benefits, and payroll. We were self insured, so I was in a position where I either knew or had access to every bit of information on any given employee. I was supposed to not notice that so-and-so's kid was on prozac, or that another had heart problems or was being treated for alcohol problems or pregnancy or . . .

What I really hated was that upper management would try to get me to tell them these things for various reasons. I finally worked with our benefits claim processors to design a system where I couldn't tell who the claims were for so that I didn't have to sidestep or lie my way out of those meetings. That was actually the only good thing HIPAA ever allowed me to do. It made me deliriously happy to say, "You know, Mr. CEO, I actually have no way to access that information since we began preparing for HIPPA".

Of course that has nothing to do with why I quit working. Oh, wait. Yes, it does. Totally.

In the words of my favorite contemporary president, I feel your pain, RC.

la bellina mammina said...

Wow! This is something new..Thanks for sharing. Btw, are you in violation already, writing about this;-)

kathy said...

I always wondered about that, I love your stories, work or otherwise, I'm sure you would never put yourself at risk.

Diana said...

This is exactly why I almost never blog about work. I'm paranoid that even if I change details, it may land me in trouble because what I made up was too close to a different patient that I didn't even know and then I'd have to do some serious explaining and proving and lose more than one night of sleep. Pity, really, because the stories are so very good.

Last year, our administration actually came out and said that blogging was fine in their view but just be aware of all the rules of confidentiality, which made me feel better for some reason. I, too, love my job and wouldn't jeopardize it for the world.

I feel all 'secret service' with it. I won't even tell my husband that someone came in to the clinic that he knows and told me to say "Hi" to him.

What really drives me crazy, though, and I'm sure you, too, is that many don't understand that patient information from provider to provider that is necessary for the care of the patient is to freely flow. A release isn't needed if I call up someone's cardiologist to tell them their patient was here and having a change in their cardiac symptoms or if I call the ER they were in the previous night, needing their lab or ECG results. Sadly, sometimes care is held up by some employees not understanding that there is some information that doesn't need a signed release. Work comp is another area that isn't quite the same. There is some information, primarily around impairment due to a medical condition or a positive drug test that could put the employee or others at risk on the job, or information regarding an on-the-job injury covered by work comp. That medical information is legally the right of the employer.

ped crossing said...

Education has the same issue. We have to be careful giving need to know info. You can't do it in front of anyone who doesn't need to know. That is hard to do in a school, there are always people around.

And that is why I haven't blogged about any of the funny things that my students do.

Frustrating, isn't it.

laurie said...

here's the top of the NYTimes story. it's well worth reading.

you can find it by searching their archives for July 3:

July 3, 2007
Keeping Patients’ Details Private, Even From Kin
By JANE GROSS

An emergency room nurse in Palos Heights, Ill., told Gerard Nussbaum he could not stay with his father-in-law while the elderly man was being treated after a stroke.

Another nurse threatened Mr. Nussbaum with arrest for scanning his relative’s medical chart to prove to her that she was about to administer a dangerous second round of sedatives.

The nurses who threatened him with eviction and arrest both made the same claim, Mr. Nussbaum said: that access to his father-in-law and his medical information were prohibited under the Health Insurance Portability and Accountability Act, or Hipaa, as the federal law is known.

Mr. Nussbaum, a health care and Hipaa consultant, knew better and stood his ground. Nothing in the law prevented his involvement.

But the confrontation drove home the way Hipaa is misunderstood by medical professionals, as well as the frustration — and even peril — that comes in its wake.

Government studies released in the last few months show the frustration is widespread, an unintended consequence of the 1996 law.

Hipaa was designed to allow Americans to take their health insurance coverage with them when they changed jobs, with provisions to keep medical information confidential.

But new studies have found that some health care providers apply Hipaa regulations overzealously, leaving family members, caretakers, public health and law enforcement authorities stymied in their efforts to get information.

Experts say many providers do not understand the law, have not trained their staff members to apply it judiciously, or are fearful of the threat of fines and jail terms — although no penalty has been levied in four years.

Some reports blame the language of the law itself, which says health care providers may share information with others unless the patient objects, but does not require them to do so.

Thus, disclosures are voluntary and health care providers are left with broad discretion .....

The Rotten Correspondent said...

I kind of dragged my feet about writing this because I thought it might put a lot of people off. I knew some of you (you know who you are!) who deal with this in your own jobs would understand.

But I really wasn't following the train through to other fields, like media(jen and laurie) or mortgages (auntie barbie), education (ped crossing), child issues (ciara), or the HR point of view (kaycie). It really is something that affects us all - in different ways, but the impact is still there.

BTW kaycie, you and I share a favorite contemporary president, but you do know, don't you, that this was his baby? Although I think certain relatives who are now running for president had a lot to do with it.

The Rotten Correspondent said...

Oh, and pixelpi and diana - thanks for the perspective from other areas of medicine. It's nice to not feel alone.

And Frances - welcome!

The Rotten Correspondent said...

I just added laurie's link to the post. Thanks a lot, laurie. That was a really interesting article.

Flowerpot said...

Yes I'm careful what I say about lots of things - think you have to be nowadays. Sad state of life.

Kaycie said...

Yes, I know, RC. And he is so damn far from perfect. The thing about him, though, is that he really wants to do right by the American people. I don't think you can say that about a lot of politicians.

He did leave this country in an excellent condition when he stepped down. Can't say the same for the current occupant.

Dumdad said...

Absolutely fascinating. Some of it makes perfect sense, some seems petty, mean-minded and downright stupid.

It's like Politically Correct. In essence, this is a good thing but certain people twist it to suit their unbalanced views.

I won't go on, but we live in a very strange world nowadays.

Kimberly said...

Fascinating stuff....got some insight into it when Neil was at school and had to follow those rules.

I'd be a wee bit OCD if I were in your shoes as well.

Thalia's Child said...

Our laws aren't quite so prohibitive here in Canada, but there's the same general understanding. You can lose your job for breach of confidentiality, and it amazes me how many people are determined to butt in where it's not their business anyhow.

Like... when I had Punkin in the hospital that I worked in, everyone knew I'd had her before I made it up to the floor to visit the next day. Because they'd poked into L&D, Maternity and the NICUs records looking for labs to be able to tell what I'd had.

Akelamalu said...

I can understand the restriction and the whys''t know and wherefores of them, so just keep telling us what happened without giving any names!;)

I can identify with the woman who didn't know her son's dob, when I had to take youngest son to hospital with a nasty gash on his head, he had to give his own name and dob because my mind had gone completely blank - he was only 6 years old!! :(

Eileen said...

I totally understand. When I write about my students at work, I do not give any identifying information. I have never shown any pictures of me and Eileen is really my middle name. So, I am a bit paranoid too. I want to be respectful to the people I work with, and would never want to betray confidentiality. However, I do blog about it, just being ever so careful about the identifying info. Lots of doctors and nurses write books about their experiences and patients, so there must be some legal way around it.

When I took my Family Leave Act last year, because of one daughter's head injury, and my other daughter's bi polar, both acting up seriously at the same time, my doctor put me out for depression. Then, along with my medication, he faxed the script meant for work, that said out for depression to the pharmacy by mistake. I was furious. We live in such a small town, half of hubby's students work at that drug store. It was such a clear privacy violation. My doctor said, "sorry, I hit the wrong button." Ok, it was an accident. But I still was upset, and could have made a huge deal, but he made a mistake. Damage done. What can you do.

By the way. I still think you should write a book. I'm just saying.........
XOXOX

ped crossing said...

Note to RC, I never had a mullet in the 80's. Now you found someone. :)

my two cents said...

I'm with Eileen, you could write a book. You know, you write about a lot of things that don't have anything to do with work, that are just great. Of course, I'm biased.

Jo Beaufoix said...

I wondered about that too, but I love all your stories so I can cope with just occasional work ones. They're always worth the wait.

-Ann said...

Something like that would put me right off blogging altogether. The only time I ever heard of someone getting busted on HIPPA was a total jerk in Washington state who stole the identity of a critically ill cancer patient, figuring he could run up huge amounts of debt in the guy's name with no consequences.