HIPAA Concern

Not open for further replies.


New Member
I have recently been seeing a counselor for anxiety and depression. I also took a short leave from work using FMLA. The nurse at the company I work for is aware of my medical situation as she is the person in charge of FMLA. She has access to all my medical information. She and I have also been relatively close friends for the past few years and I have confided in her about some of my issues concerning my depression. She has decided that she can no longer help me as she thinks I am relying on her to be more than a nurse, which was not my intention. I only confided in her as a friend. Because of this she has deferred this to the plant manager. The plant manager as since called me in for consultation with another member of HR in which he has laid out a plan that would let the company pay for all my therapy. He has requested that I see my therapist twice a week, based on the nurse's recommendation.

I have 2 questions concerning this.

First of all, the nurse is just that - a nurse. For her to recommend a course of psychiatric therapy for me would be inappropriate. For my therapist to accept their offer of 2 visits per week would also be inappropriate and unethical. My first question is should I be bound to follow their recommended course of treatment? Could they legally terminate me if I refuse?

Secondly, by deferring this to the plant manager and another HR person, they are now privy to my medical information. My second question is has my right to privacy been violated?
I'm starting to wonder if I posted this under the correct topic. To clarify my privacy concern, by sharing my medical information with varioius members of management, this could sway or influence their opinion of me and my ability and ultimately compromise my chances of advancement within this company and potentially with other employers. I am under the impression that HIPAA also provides for such protection of privacy. Please correct me if I'm wrong.
FMLA information was protected before HIPAA... so there may be more in play here than a potential HIPAA violation. In addition, if your employer is not a "covered entity" they may not be subject to HIPAA rules and regs. It seems as though the "nurse" was not acting as a nurse, but rather in an HR capacity. If your employer is not a covered entity, the record is most likely not an official health record, and HIPAA does not apply. The department of health and human services is straight forward in stating that HIPAA does not apply to employment records, even if information in the record is health related. Also, HIPAA does not apply to the actions of an employer, including the actions of a manager in the workplace.
Actually the records are official. My personal physician had to fill out paper work to be submitted for FMLA. All of my personal medical records are on file at my company. The nurse is a licensed RN. Her official job title is "Plant Nurse". She should not be allowed to share my personal information with anyone without my permission. I feel like she has violated my right to privacy no matter what her capacity was. For example, if I am seeing a psychiatrist professionally, then he/she is bound by patient/doctor confidentiallity. If I should happen to see her away from her professional setting such as in a mall and talk to her on a "friend to friend" basis concerning my psychiatric problems, she is still bound by patient/doctor confidentiality. The situation with the nurse should be the same. Unless she felt that she or someone else was in a potentially dangerous situation because of my anxiety and depression, she had no right to share my personal medical information. In other words, I don't feel like she had the right to defer this situation along with my medical information with the plant manager and another employee. As I said, this has the potential to show me in a bad light and ruin my potential for advancement in the company. I hope this makes some sense.
That may all be true, but HIPAA most likely does not apply as your employer is most likely not considered a covered entity.
Not open for further replies.