HIPPA question

Home Forums Nurse to Nurse Advice HIPPA question

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of Jason Hautala RN Jason Hautala RN 3 years, 2 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #16318

    A ‘feature” of our new EMR, Cerner, is one in which if a patient is admitted to the hospital from the ER and then develops signs of sepsis, such as low blood pressure, high WBCs, etc, it will send us a warning about that patient as a pop up window. Not only are these pop ups annoying, I feel they are a HIPPA violation because once the patient is out of the ER, I no longer have a need to know anything about the patient, but the system is making me look at their name, their specific lab values, and their specific vital signs, along with a warning of what the computer thinks the patient has (sepsis, pneumonia, MRSA, etc.) I can see how sending the PCP this information would be useful, or even to the nurse taking care of the patient at the time, but to send it to the ER nurse, who no longer has anything to do with the patient seems to break the minimum required information rule of HIPPA. I sent an email to our HIPPA person at work who states she looked into it and finds it not to be in violation of HIPPA, but the more I read, the more convinced I’m right.

    Are there any HIPPA queens or kings out there who can confirm or deny my position?


    It is my understanding that it is a violation. Once your patient was discharged from the ER, that patient is not longer a part of your job duties. You receiving information about their labs, other medical test, diagnosis, and treatment are no longer a requirement for your job duties as the patients has been discharged from your care. It would be no different than you going down to the medical records department and riffling through random charts even if you had at one time or another taken care of the patients. It is protected health information and unless that patient becomes your patient again it should remain that way.

    “The minimum necessary standard, a key protection of the HIPAA Privacy Rule, is derived from confidentiality codes and practices in common use today. It is based on sound current practice that protected health information should not be used or disclosed when it is not necessary to satisfy a particular purpose or carry out a function.”

    http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/minimumnecessary.html There are a few links on here that will explain some of it. Another source would be the BON in your state.

    Hope this helps.


    Thank you 🙂

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

Skip to toolbar