Health Information Compliance Alert
Allina Shows the Way with Tough Action
PDF
Protection of patient privacy is serious business. Allina Hospitals and Clinics recently demonstrated zero tolerance for violations of its privacy policy when it fired 32 employees for inappropriately looking at the electronic health records of patients involved in a recent mass drug overdose case. "We take our obligation to protect patient privacy very seriously," according to an Allina statement released following the incident. "Anything short of a zerotolerance approach to this issue would be inadequate." Allina's actions fall in line with the provisions of HIPAA which prohibit any health worker from accessing the health records of a patient unless they are actively participating in her/his care. "HIPAA is quite clear that a patient's records may only be accessed by those who have a business reason to do so, such as participation in or supervision of care," Kenneth N. Rashbaum, Esq. of Rashbaum Associates, LLC, New York, NY told Eli. "It is, for the most part, impracticable to 'lock out' certain caregivers from access to patient information as they may be called upon to consult on that patient's care (such as caregivers in such areas as cardiology, neurology, infectious diseases, vascular surgery and other specialties), so hospitals must rely upon clearly written procedures, and training on those procedures, to comply with the provisions of HIPAA described above. They must also monitor compliance, again, where practicable." According to an editorial comment in the Rockford Star Tribune on May 14, 2011, an Allina investigation found that staffers at nearby Unity Hospital in Fridley and Mercy Hospital in Coon Rapids inappropriately accessed patients' medical records. Allina terminated 32 people for not only accessing these records, but in some cases going deep into the file to see notes and other details said the same editorial comment. "We were devastated that we had to lose these 32 people," said Allina spokesman David Kanihan. "Many of these people were really good employees. We didn't want to have to do this. However, patient privacy comes first."
Health Information Compliance Alert
- HIPAA:
Take These 8 Steps To Information Security Compliance
Check to see how compliant your organization is. If you've become complacent about reducing the [...] - EHR Penalties:
CMS Proposes 4 Additional Exemptions to Help You Avoid EHR Penalty
The agency is accepting comments on the proposal through July 25. Hoping to avoid a [...] - PHI Protection:
Allina Shows the Way with Tough Action
Protection of patient privacy is serious business. Allina Hospitals and Clinics recently demonstrated zero tolerance [...] - Documentation:
Get Providers to Sign Each Time
Answers to 2 common signature questions help ensure you're on track. Including provider signatures is [...] - Compliancea:
Steer Clear of F2F Violations with Medical Directors
Rules may be different for another physician's patients. Do you know when it's OK for [...] - Industry Notes:
Don't be too quick to blame PECOS for all the informational messages you receive about claims lacking valid physician NPIs.
Last year CMS caused a panic among Part B providers by setting deadlines for so-called [...]