mycrofft
Still crazy but elsewhere
- 11,322
- 48
- 48
Write to your EMSA and the local newspaper, then move away quick.
HIPAA question
- Thread starter firemedic0227
- Start date
Technically your captain might be right.
My understanding is that HIPAA only applies "covered entity" if either:
1. Your agency bills health insurance (it is called the HEALTH INSURANCE portability and accountability act)
or
2. You use electronic medical records.
It is quite possible that a volunteer agency doesn't do either and is thus not covered.
*NOTE: I'm am not a HIPAA lawyer so don't take what I say as gospel. Also, the above only refers to HIPAA, other confidentiality rules including common law right to privacy may still apply
My understanding is that HIPAA only applies "covered entity" if either:
1. Your agency bills health insurance (it is called the HEALTH INSURANCE portability and accountability act)
or
2. You use electronic medical records.
It is quite possible that a volunteer agency doesn't do either and is thus not covered.
*NOTE: I'm am not a HIPAA lawyer so don't take what I say as gospel. Also, the above only refers to HIPAA, other confidentiality rules including common law right to privacy may still apply
mizzcemtp
Forum Probie
- 20
- 1
- 0
The software that is used is formatted by Zoll and electronically transmitted to the Fire Marshall's office, where the billing to Healthcare companies is performed. There is only one Medicare number for the entire county, so each little rescue squad transmits their pcrs to this office.
The only confidentiality laws I know about, or have been trained in, is the HIPAA federal ruling. Did not know there was a common law right to privacy..
- 2,140
- 84
- 48
This question is most likely going to sound condescending and rude, but I do not mean it that way.
How have you been a medic for as long as you have been and not know about the confidentiality laws and rules that apply to you?
I see this as a system failure of epic proportions. This idiot captain or whatever she is seems to be the tip of the iceberg.
Last edited by a moderator:
No sir. Do net let the word "insurance" narrow your mind here.
HIPAA Info said:
Where as the Privacy Rule is a statute of HIPAA, the covered entity is a healthcare provider, and the business associate is the biller/billing company.
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
I am confused as to why there is a belief in grey area with these rules. Don't relate your stories to your Pts. Need to transport your Pt through the waiting room to get to the right department? Do it, but consider advocating for your Pt by telling them first and asking them if you can do anything to make them comfortable during the process. Nurse yelling Pt info down the hallway? It's provider to provider, hopefully he/she is reprimanded for inappropriate behavior. Nurse saying you're violating HIPAA? Do what I guarantee you that your system's policy says, and ask if she'd like to file a complaint and written testimony, while you maintain a satisfied smile.
About the "not applying to volunteers" bit, being a volunteer doesn't mean anything. There are volunteer fire fighters, EMTs, SAR medics, etc. It's not "volunteer" that matters, its that fact that we are healthcare providers that are part of a Pts continuity of healthcare. If she has no effect on this persons health, and doesn't fall under any category in the Permitted Use and Disclosure section of the link above (which I strongly recommend everyone read, I'm glad I did), then she doesn't get to know.
If your captain of a city system comes to your station in the evening and asks how your day went, you can tell him/her your calls. If he/she asks the name of one of the Pts, you can say that disclosing the information would be a HIPAA violation. Sound like a silly situation? Yes, because professionals don't put themselves in that situation.
I can't speak for much as I haven't been in a situation in EMS where legal actions may or may not involve me. But my suggestion is if you feel it is right, pursue it. Don't let someone else's wrong doing put you in a corner.
mizzcemtp
Forum Probie
- 20
- 1
- 0
No insult taken... The only confidentiality law that we have been trained in in HIPAA. This is North Carolina, and there are rural areas that aren't even compliant with SOGs/SOPs. This captain wasn't even qualified to hold that position-and that was according to their own bylaws. But as you have seen, the only responses include, basically - turn them in and run.. It's a scary proposition. But in my heart, I know it needs to change.
When we're trained to function one way, and someone else tells us that our training doesn't matter, who do we turn to? We can ask each other questions all day long, and sometimes-just sometimes-a complete stranger-can put the answers directly in front of us. Know this-this captain has not stopped doing this. She is a gossip, and will not allow these files to be stored as required. She has also threatened others. I am most assuredly not gutless or un-educated, but I do not wish to commit professional suicide. I've covered a lot of bases-according to what I know-but if there is anything else I can pull up, I will. I do not intend to use anything childish or stupid, but if there are any other laws out there regarding patient confidentiality, I would like to know. My patient-the one the captain was requesting info on-was not only unresponsive, she and the captain were co-workers at the same public job.... Any advice?
- 2,140
- 84
- 48
If this happened in my area our licensing/ regulatory board would have a field day with this. Every state or county or whatever has rules and regulations pertaining to how confidential info is handles and stored. Here a provider can be investigated for ethical/moral/ professional conduct to other providers. This also seems to be a hostile work environment . Personally I would contact a lawyer an the state regulatory body .
Here is the privacy rule and who it applies to:
Health Care Providers. Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity. These transactions include claims, benefit eligibility inquiries, referral authorization requests, or other transactions for which HHS has established standards under the HIPAA Transactions Rule.6 Using electronic technology, such as email, does not mean a health care provider is a covered entity; the transmission must be in connection with a standard transaction. The Privacy Rule covers a health care provider whether it electronically transmits these transactions directly or uses a billing service or other third party to do so on its behalf.
It does seem to be a bit more complicated than first blush
Health Care Providers. Every health care provider, regardless of size, who electronically transmits health information in connection with certain transactions, is a covered entity. These transactions include claims, benefit eligibility inquiries, referral authorization requests, or other transactions for which HHS has established standards under the HIPAA Transactions Rule.6 Using electronic technology, such as email, does not mean a health care provider is a covered entity; the transmission must be in connection with a standard transaction. The Privacy Rule covers a health care provider whether it electronically transmits these transactions directly or uses a billing service or other third party to do so on its behalf.
It does seem to be a bit more complicated than first blush
Not to quote myself, but...
Grimes said:
Unfortunately the summary information sections define multiple things multiple times. But I assure you, HIPAA has never been limited to electronic transmission.
That said, again, if the person who wants to receive the information does not fall under any of the categories defined in the Permitted Use and Disclosure section, that person shouldn't get any information. Period.
mizzcemtp
Forum Probie
- 20
- 1
- 0
That's trying to fall back on the rule itself. There's also a section #160.316 art. C, that states that there is to be no retaliation of any kind against a provider as long as the provider is acting in good faith to protect the patient's PHI. Period. That didn't seem to matter either. There has never been a HIPAA class taught in this particular county. The majority of us that were working there knew and understood because we worked someplace else and were trained in different counties. That's why the 'We're volunteers and we don't have to do that' mentality is ridiculous in this county. I do understand... I just don't know how to get my point across. By the way, DHHS is totally useless when you try to get info on this topic, and the state agency here says that it's a DHHS problem. Nice triangle, right?
mizzcemtp
Forum Probie
- 20
- 1
- 0
Oh, we know. And it's appreciated.. She has multiple problems. I know that legally, she couldn't retaliate against me, but who's gonna defend me? State says it's not liable for any individual county action. This is because the state released implementation of EMS to each individual county as they see fit. As I said, there were no SOGs/SOPs in place, no HIPAA compliance officer, no OSHA compliance officer, an intermediate level captain running around with a key to the narc cabinet because she threw a fit to have her own personal one.... And no SOGs/SOPs regarding dispatch for all branches-and I know that sounds like a lie but it is not.... That's how she managed to call and have us dispatched out of our district into another unit's district.. From her cell phone.
Hope y'all never found yourself in a position where ICS is being used across district lines. That'll be the day she's ruined I'm sure.
Ewok Jerky
PA-C
- 1,401
- 738
- 113
Yes, talk to a lawyer.
You aren't going to get appropriate or accurate legal advice on an internet forum.
mizzcemtp
Forum Probie
- 20
- 1
- 0
I intend to. Sometimes it helps when others that you're not connected to can see the problem with clarity. Our connection here is that we're all EMS, but not in a 'friendly' capacity. We would help each other, but not because we 'hang out' together. There were other factors that were involved, but if you had trouble believing what Ive posted so far, the other things involved would blow your mind. And it's all verifiable and witnessed. Not a joke....