In this section of the NCLEX-RN examination, you will be expected to demonstrate your knowledge and skills of confidentiality and information security in order to: Show
According to the United States Department of Health & Human Services, the Health Insurance Portability and Accountability Act (HIPAA) and the HIPAA Privacy Rule provides federal protections for individually identifiable health information and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes such as health insurance reimbursement and quality improvement activities. The Security Rule of HIPAA has administrative, physical, and technical safeguards to insure the confidentiality, integrity, and availability of electronic protected health information. This rule relates to electronic information security as well as other forms of information. Our nation's Health Insurance Portability and Accountability Act (HIPAA) protects the patients' rights to the privacy and confidentiality of all medical information, including written, oral electronic information, unless the client has expressly consented to it in writing. The HIPAA Privacy Rule legally limits access to medical records and information to only those who have a NEED to know. Those who have the need to know have this need because they need some data and information about the patient so that they can perform some indirect or direct patient care. For example, nurses have a need to know information about the patient so that they can provide the patient with quality care. Dietitians have to need to know some information about the patient so that they can assess and plan care for the patient as based on their nutritional needs and status, and, those who provide indirect care, such as the director of nursing, the infection control nurse, the wound care nurse and the members of the quality assurance department, also have a need to know about patients and groups of patients so that they can perform their roles even though they are not providing any direct patient care to the patient. Others who have a need to know are health insurance companies and students including student nurses. All nurses must be aware of the implications of and the possible consequences for violations relating to the Health Insurance Portability and Accountability Act and the HIPAA Privacy Rule. Few nurses violate patient confidentiality intentionally. It is often momentary lacks of judgment that lead to these breaches so nurses must consciously think before they act or speak. Nurses should never discuss patients with others who do not have the "need to know". They must protect and secure client written records and they must also secure electronic records by protecting and not sharing their password and logging off after each entry. Other things that protect patient privacy and confidentiality include not responding to any telephone or email inquiries about patients unless the inquiring person states a unique identifier for the patient such as a secret code number or word. Lastly Facebook, and other forms of social media, and photos using a cell phone are strictly prohibited. All healthcare facilities have regulations, policies and procedures related to confidentiality and accessing client records. All nurses, and other healthcare providers, have the responsibility to be knowledgeable about these regulations, policies and procedures and adhering to them at all times without any breaches. Personal privacy, including privacy during visits and during conversations as well as when they are getting personal care such as hygiene must also be upheld and maintained. Assessing Staff Members' and Client Understanding of Confidentiality RequirementsThe best way to know whether or not staff members understand and apply the requirements associated with confidentiality and privacy is to observe the staff member as they perform their roles and uphold these rights. For example:
Clients must also know their rights and the rights of others in terms of medical information. Nurses can identify a knowledge deficit in this area when a patient asks a nurse a question like "What is wrong with that patient who is always screaming out?" or a similar question. Nurses should inform this inquisitive patient that you cannot share any information with them that relates to other patients. Intervening Appropriately When Confidentiality Has Been Breached by Staff MembersThe registered nurse has the professional, ethical and legal responsibility to insure that all client rights, including the clients' rights to privacy and confidentiality, are upheld, supported and advocated for. Whenever a nurse witnesses any breach of confidentiality and privacy including, but not limited to, any unauthorized access to medical records by those without the need to know, idle discussions that violate HIPAA regulations, a failure to log off the computer when done, and the lack of privacy during change of shift reports, the nurse must intervene immediately by correcting the situation and not allowing it to continue. RELATED NCLEX-RN MANAGEMENT OF CARE CONTENT: SEE – Management of Care Practice Test Questions Latest posts by Alene Burke, RN, MSN (see all) New nurse tips: HIPAA & Privacy. Adhering to patient privacy is a major rule we follow as nurses. When you are first starting out as a nurse, you may be confused on what you are allowed to share with others regarding your patient and who you can tell. In nursing school, you should have heard of HIPAA. I remember as a student hearing about it and would constantly hear the phrase “Oh, that’s a HIPAA violation” which meant to me that someone was breaking a rule and could get into trouble. In this article, I am going to talk about: What is HIPAA? How nurses follow HIPAA on the job? Certain situations you may encounter as a new nurse that may confuse you on “is this a HIPAA violation?” Tips on how to make sure you are ensuring patient privacy What in the world is HIPAA?How do you ensure you follow it? HIPAA is short for “Health Insurance Portability and Accountability Act” and it has many parts to it. However, as nurses the part we are most concerned about is the privacy section. In a nutshell, as healthcare providers we must take precautions in protecting a patient’s healthcare information. How do we follow HIPAA on the job?There are many ways we do it, and the hospitals we work in have ways to help us do it. For instances, most facilities on each unit have shred bins where all patient information is shredded. I always stress to my students to never take home a nursing report sheet or any patient information at the end of their shift. Always shred it! Another way is by always placing a patient’s chart in secure a location when not in use, turning off or locking our screens when charting electronically, not talking to other patients about a specific patient on the unit, and only releasing patient information to designated individuals etc. Situations you may encounter that will test you on Patient PrivacyIn nursing school, you are not really taught “real world” case scenarios on how to deal with protecting patient information. Quickly, as a new nurse you will be tested by family members, staff, and other people who have the intention of obtaining information about a patient, and as the nurse you will have to recognize this so you don’t violate patient privacy. Let me explain: Numerous times, especially as a new nurse, I would receive random phone calls or be approached by individuals claiming to be a family member or a “concerned” neighbor that wanted information on a patient. Some of these people were very clever and tried to use persuasive language to convince me that they were allowed access to the patient’s health record. So, new nurses and nursing students, always be on guard and listen to your gut. Tip for handling this is to always give the same response of: “Sorry, but I cannot give that information out”, especially anytime you are in doubt. Another occasion that absolutely shocked me was when I found a nurse from another floor snooping through a chart outside a patient’s room. When I approached the nurse and asked her what she was doing, she said “Oh, this is my brother.” I immediately removed the chart from her possession and told her she was not allowed to violate her brother privacy by looking through his chart and that she wasn’t authorized to look at his information. She became disgruntled and scoffed at me and said “I work here”. It turns out she and her brother was estranged and she was being nosy. So, remember to always be discerning. How can you know if you are allowed to give out patient information to someone?On admission, the patient will fill out a form (we call it a VIP form) that has listed individuals’ names that are allowed to receive patient information. These individuals are given a special code and when they call or approach you all they have to do is give you the code and provide proof of who they are and you can give that information out. Now regarding staff, only the healthcare team members who are participating in a patient’s care are allowed to access information. However, they are only able to access patient’s information that helps them do their job. Tips on How to Protect Patient Privacy
Video on HIPAA and Patient PrivacyAny thoughts or experiences you would like to share? Comment below. |