Yeah hospitals dont play with HIPAA. That being said I feel bad for the staff involved (that didnt look at the info). Staffing is going to be a nightmare for weeks.
Good that is how the system works. Every time I go to the doctor HIPPA is drilled int my head, so health care people should know it
Good to know that there are 50 doctors out there that doesnt care about their patients privacy.
Why not just earmark such a prolific file thereby blocking access to it in a foresighted effort to curb against human curiosity and you now retain fifty employees instead of losing them?
Then get an administrator to give it to them. I can't even change different source code files without going up the chain.
The people who get caught and fired for such abuses are the vast minority of people who gleefully will look through your medical records and charts for gruesome pics and what not.
I got fired from a call centre for having my phone in my pocket within the office. However admittedly that's because I was too honest to lie to their face when asked during a random check.Kind of stupid that they now have to spend the resource to retrain 50 people. They could have hand out displinary actions.
I worked for a call center. You usually only get fired for this stuff if you are stupid to tell it outside of the company (post it or tell some client info to your family) I used to check Seinfeld's account and know how many cable boxes he had.
Straight up fear mongering.
I'm a doctor and I've worked in numerous hospitals. No one is going through everyone's chart looking at pictures. No one has time for that. The vast majority of healthcare workers take their jobs seriously, and that includes privacy.
I've seen people fired simply for looking at a friend/family member's chart. These electronic medical record systems have automated flagging for people doing things funny.
Anonymized pictures ARE used in educational activities, such as morbidity and mortality conferences where we discuss things that went wrong or could have been done better during patient care. These sorts of uses are legally allowed and very necessary to educate other health care professionals and improve patient care quality.
Are there abuses of the system? Yeah, a few, here and there. That's true of any system, any system. But it's not the norm, not even close.
At the hospital I work at we have what's called "break the glass". Whenever a high profile medical record is pulled up, before you can access it, you have to state the reason you are accessing it and electronically sign.It's great that they take this stuff seriously, but shouldn't the access to these records be way more strict to prevent this from happening in the first place?
It's crazy to me that dozens of employees could simply pull up a celebrities private medical records out of "curiosity." Like even when I try to do a simple price match at Best Buy it requires a manager to come over and authorize it. I would expect hospitals to be way more secure.
I work in medical claims billing. I hear about shit all the time.
This. Anyone in the medical field will tell you this is the real deal. If you ignore HIPAA, no matter how little the offense, that's on you. Grown adults should know how to rise above the gossip and rumors by this point instead of constantly wanting to be a part of it.
And I'm a doctor and in 4 years of being in hospitals taking care of patients I've never seen any health care worker just randomly looking through charts. Does it happen? Yeah, there are a few stories out there. Is it common? Not at all.
At hospitals? Maybe not, in offices where you are totally unconnected with any face to face interactions with patients and are just some rube in a sea of cubicles who gets bored? I'd wager a lot more than you'd think.
At hospitals? Maybe not, in offices where you are totally unconnected with any face to face interactions with patients and are just some rube in a sea of cubicles who gets bored? I'd wager a lot more than you'd think.
So people who aren't healthcare workers, just anyone with access to the EMR? Well, ok.
Then just like the nurses in the stories, they're idiots and putting their jobs at risk.
How would they even know where to start looking for pictures in charts though? Just look through everyone?
This is a good thing.
Hospitals are required by law to do this, but many companies that deal with the public have similar policies in place.
If you're pulling up private information without authorization, you're not protecting client privacy.
At my job I'm in charge of sanctions on providers and reviewing cases brought up in state. It may not be the norm, but it's not exactly minimal either.Are there abuses of the system? Yeah, a few, here and there. That's true of any system, any system. But it's not the norm, not even close.
At my job I'm in charge of sanctions on providers and reviewing cases brought up in state. It may not be the norm, but it's not exactly minimal either.
Knowing how many cable boxes Seinfeld has isn't nearly as profitable as knowing his medical recordsKind of stupid that they now have to spend the resource to retrain 50 people. They could have hand out displinary actions.
I worked for a call center. You usually only get fired for this stuff if you are stupid to tell it outside of the company (post it or tell some client info to your family) I used to check Seinfeld's account and know how many cable boxes he had.
https://www.nbcchicago.com/news/loc...fired-jussie-smsollett-records-506838591.html
Read the full article at the link.
I was just discussing this with a colleague. We use Epic as well.
We also assumed they didn't use the "break the glass" on his chart. Surely 50 people didn't bypass the gate. I'm not sure of the logistics on that side of the fence, but is the hospital at risk of legal ramifications for not implementing the extra security measure?
HIPAA is a federal law. Any organization that handles health info has to follow it, public or private.
I'm sorry, I've missed this piece of news, what is all this about originally?
Interesting, my hospital org uses Epic as well and I've only ever seen break the glass used for psych purposes.Northwestern uses Epic for its electronic medical records. For famous patients, hospital IT can implement an UI obstacle ("break the glass"), which requires typing in the user's password a second time, as well as selecting a reason for accessing the medical chart. It really does hinder impetuous curiosity. With 50 fired, doesn't seem like this gating mechanism was used (in time).
Yep. I can theoretically commit straight up wanton murder in the operating room and my hospital's lawyers will defend me in court. I violate HIPAA, I'm on my own.If you ask any medical professional, they will tell you that #1 career suicide move is to fuck with HIPAA. Malpractice doesn't even come close. I am glad it exists.
Maybe not in this example, but I personally know one doctor who was terminated immediately due to violating patient privacy.I guarantee some of the employees that searched his data were doctors. I bet good money none of them will be fired.
My tip to you: the search bar in the top right corner is extremely helpful. It will search the entire patient chart for whatever you enter. If you are not in a patient chart, you can use to to search for different activities associated with your account without digging through a dozen sub-menus.Yeah, some people are (rightfully, apparently) paranoid about accessing Epic at my job since we usually only have an ancillary need to use it. In a way it sucks because when I do need to use it, I don't know a lot of its functions/navigation and nobody else around me knows either. Then I end up spending extra time looking for what I need and it's all being logged that I'm clicking all these extraneous pages… 😰
Yup, fucking around with personal info at pretty much any job that handles personal information is fireable.I know that, which is why I said it is required by law for hospitals. HIPPA doesn't apply to all PII though (just medical records), but it is still a firing offense at many companies that are not covered by HIPPA.