HIPPA violation?

Bl2849381

New Member
Jurisdiction
Colorado
Is it a violation of HIPPA for a nurse to tell someone the results of a patient's blood work while the patient is asleep? The person who was told was not a family member of the patient and the patient had not given consent for anyone to be given her personal information. The patient was also not a minor. Also could anything be legally done about this? As a direct result of the nurse giving out the patients personal information the patient was put directly in harms way and ended up sustaining further injuries.
 
Is it a violation of HIPPA for a nurse to tell someone the results of a patient's blood work while the patient is asleep?

What Happens if you Violate HIPAA? – HIPAA Violation Classifications
What happens if you violate HIPAA? That depends of the severity of the violation. OCR prefers to resolve HIPAA violations using non-punitive measures, such as with voluntary compliance or issuing technical guidance to help covered entities address areas of non-compliance. However, if the violations are serious, have been allowed to persist for a long time, or if there are multiple areas of noncompliance, financial penalties may be appropriate.

The four categories used for the penalty structure are as follows:

Tier 1: A violation that the covered entity was unaware of and could not have realistically avoided, had a reasonable amount of care had been taken to abide by HIPAA Rules

Tier 2: A violation that the covered entity should have been aware of but could not have avoided even with a reasonable amount of care. (but falling short of willful neglect of HIPAA Rules)

Tier 3: A violation suffered as a direct result of "willful neglect" of HIPAA Rules, in cases where an attempt has been made to correct the violation

Tier 4: A violation of HIPAA Rules constituting willful neglect, where no attempt has been made to correct the violation


What is Considered a HIPAA Violation?

A HIPAA violation is a failure to comply with any aspect of HIPAA standards and provisions detailed in detailed in 45 CFR Parts 160, 162, and 164.

What is a HIPAA Violation?

Examples of HIPAA Violations

There are hundreds of ways that HIPAA Rules can be violated, although the most common HIPAA violations are:

Impermissible disclosures of protected health information (PHI)
Unauthorized accessing of PHI
Improper disposal of PHI
Failure to conduct a risk analysis
Failure to manage risks to the confidentiality, integrity, and availability of PHI
Failure to implement safeguards to ensure the confidentiality, integrity, and availability of PHI
Failure to maintain and monitor PHI access logs
Failure to enter into a HIPAA-compliant business associate agreement with vendors prior to giving access to PHI
Failure to provide patients with copies of their PHI on request
Failure to implement access controls to limit who can view PHI
Failure to terminate access rights to PHI when no longer required
The disclosure more PHI than is necessary for a particular task to be performed
Failure to provide HIPAA training and security awareness training
Theft of patient records
Unauthorized release of PHI to individuals not authorized to receive the information
Sharing of PHI online or via social media without permission
Mishandling and mismailing PHI
Texting PHI
Failure to encrypt PHI or use an alternative, equivalent measure to prevent unauthorized access/disclosure
Failure to notify an individual (or the Office for Civil Rights) of a security incident involving PHI within 60 days of the discovery of a breach
Failure to document compliance efforts



What are the Penalties for HIPAA Violations?

What are the Penalties for HIPAA Violations?

Also could anything be legally done about this?


Your answer can be found hidden in the mountain of material hereinabove.

Bottom line, be prepared to be ignored and to eventually receive NOTHING.
 
Is it a violation of HIPPA for a nurse to tell someone the results of a patient's blood work while the patient is asleep? The person who was told was not a family member of the patient and the patient had not given consent for anyone to be given her personal information. The patient was also not a minor. Also could anything be legally done about this? As a direct result of the nurse giving out the patients personal information the patient was put directly in harms way and ended up sustaining further injuries.
Please clarify how the patient was "put in harms way" and "sustained further injuries" from telling the results to a blood test. Who was it that was told the results...ie...police officer? Spouse? total stranger?
 
Is it a violation of HIPPA for a nurse to tell someone the results of a patient's blood work while the patient is asleep?

It's HIPAA, not "HIPPA," and the answer to the question depends on who the "someone" is and why the results were disclosed.

The person who was told was not a family member of the patient and the patient had not given consent for anyone to be given her personal information.

Simply being "a family member" does not entitle one to medical information covered by HIPAA, and the fact that the patient hadn't consented to disclosure doesn't necessarily mean the disclosure wasn't legal.

could anything be legally done about this?

If a HIPAA violation occurred, the exclusive remedy is to complain to the U.S. Department of Health & Human Services.

As a direct result of the nurse giving out the patients personal information the patient was put directly in harms way and ended up sustaining further injuries.

Please elaborate because this could give the patient a civil claim against the nurse and maybe others.
 
Is it a violation of HIPPA for a nurse to tell someone the results of a patient's blood work while the patient is asleep?

Whether it is a violation of HIPAA depends on who it was that the nurse told and why. You have curiously told us only that the person who was told the results was not a family member of the patient and that the patient was not a minor. That leaves a whole lot of other people that might have been told, and it matters very much who that person was and why the disclosure was made.

Even if it was a HIPAA violation, however, the patient's only recourse there is to complain to the U.S. Department of Health and Human Services (HHS). HIPAA does not give the patient a right to sue for HIPAA violations.

That said, you might have a negligence claim against the nurse and his/her employer under Colorado law. Again, though it matters a lot who was given the test results and why. It also matters what harm the patient suffered from it.
 
The patient was in the ER due to falling in and out of consciousness as the result of a head injury. The head injury was sustained during an altercation with her boyfriend. He was very abusive. When he dropped her off and picked her up again later she was not able to confirm who he was. The blood test results were of a positive pregnancy test. She was " not supposed to have gotten pregnant". So after he brought her home she was beaten again. Never once did any of the hospital staff confirm that he was who he said he was, or that it was ok with her that her test results be shared with him. She had many obvious bruises and a very large black eye. It was even questioned if she was being abused. Only she was never actually asked. They (nurse/dr/) talked about it to each other while standing in the corner of the room.
 
The patient was in the ER due to falling in and out of consciousness as the result of a head injury. The head injury was sustained during an altercation with her boyfriend. He was very abusive. When he dropped her off and picked her up again later she was not able to confirm who he was. The blood test results were of a positive pregnancy test. She was " not supposed to have gotten pregnant". So after he brought her home she was beaten again. Never once did any of the hospital staff confirm that he was who he said he was, or that it was ok with her that her test results be shared with him. She had many obvious bruises and a very large black eye. It was even questioned if she was being abused. Only she was never actually asked. They (nurse/dr/) talked about it to each other while standing in the corner of the room.

If that is true, the ALLEGED victim of the battering should IMMEDIATELY report it to the police or sheriff.

Any other remedies should be addressed AFTER she is fully healed and the perpetrator is under arrest.

If one's home is burning to the ground why would one worry about a trespasser jumping one's fence?
 
The patient was in the ER due to falling in and out of consciousness as the result of a head injury. The head injury was sustained during an altercation with her boyfriend. He was very abusive. When he dropped her off and picked her up again later she was not able to confirm who he was. The blood test results were of a positive pregnancy test. She was " not supposed to have gotten pregnant". So after he brought her home she was beaten again. Never once did any of the hospital staff confirm that he was who he said he was, or that it was ok with her that her test results be shared with him. She had many obvious bruises and a very large black eye. It was even questioned if she was being abused. Only she was never actually asked. They (nurse/dr/) talked about it to each other while standing in the corner of the room.
I don't see that there is any proof that the cause of the additional beating was the release of the test results. The POS had already beat her without knowing she was pregnant and he would have beat her again.
 
"What's past is prologue", as said by Sebastian in Act II, Scene I of The Tempest, comes to mind.
I think that DV Victims and their family would rather blame the hospital for the abuse then the "man" who committed the crime. And now their is a helpless child brought into this violent mess...unless the victim lost her child from the beating.
 
For what it's worth, I think that yes, it's entirely possible that HIPAA was violated. However, for that the patient gets to file a complaint with HHS.

Filing a HIPAA Complaint

HHS will investigate and determine for certain if there was a violation. I agree that it's impossible to say for certain in this venue, but I can't say it didn't happen with the fact pattern we have.

However, that is not going to address the subsequent beating, which I agree would likely have happened regardless; if not for one reason then for another. The nurse who may have violated HIPAA is not and will not be held responsible for that - the only person who has any legal responsibility for that is the person who committed it. So the police need to be called - the sooner the better.
 
The patient was in the ER due to falling in and out of consciousness as the result of a head injury. The head injury was sustained during an altercation with her boyfriend. He was very abusive. When he dropped her off and picked her up again later she was not able to confirm who he was. The blood test results were of a positive pregnancy test. She was " not supposed to have gotten pregnant". So after he brought her home she was beaten again. Never once did any of the hospital staff confirm that he was who he said he was, or that it was ok with her that her test results be shared with him. She had many obvious bruises and a very large black eye. It was even questioned if she was being abused. Only she was never actually asked. They (nurse/dr/) talked about it to each other while standing in the corner of the room.

Who are you in this scenario? Why haven't you called the police if you know someone is being abused? Granted that doesn't guarantee anyone is arrested but...just wondering how you relate to this all.

If you're the one who was abused, please find services in your area to help you get out or a trusted friend or family member.
 
Back
Top