Privacy violations in an ER?
May 27, 2012 1:49 AM Subscribe
Recently I had to spend a few hours in a psychiatric emergency waiting room where none of the staff seemed to have any consideration for the privacy of the patients being triaged there. Are any of the things I experienced violations of HIPAA or the like, and if so, what, if anything, would you do about them? (Details inside.)
These things happened:
1. The first waiting room was next to the initial triage room where patients were briefly interviewed, had their vitals taken, etc. The glass between these rooms must have been paper thin, because I heard every single thing every patient in there said.
2. While I was being interviewed, the charge nurse was interrupted several times by a subordinate. He asked questions about patients using their first AND last names. At no time during any of my interviews was the door shut.
3. One patient was doing her intake interview in the hallway outside one of the waiting rooms. There were a number of vacant rooms, so it seemed a bit weird to do pre-counseling in the hallway.
4. Another patient had her intake data taken IN the waiting room. Full name, home address, why she was there, where she worked--all right there in the corner while she cried in her pajamas.
Am I weird for thinking this is way over the top? Should I do something about it, and if so, what?
These things happened:
1. The first waiting room was next to the initial triage room where patients were briefly interviewed, had their vitals taken, etc. The glass between these rooms must have been paper thin, because I heard every single thing every patient in there said.
2. While I was being interviewed, the charge nurse was interrupted several times by a subordinate. He asked questions about patients using their first AND last names. At no time during any of my interviews was the door shut.
3. One patient was doing her intake interview in the hallway outside one of the waiting rooms. There were a number of vacant rooms, so it seemed a bit weird to do pre-counseling in the hallway.
4. Another patient had her intake data taken IN the waiting room. Full name, home address, why she was there, where she worked--all right there in the corner while she cried in her pajamas.
Am I weird for thinking this is way over the top? Should I do something about it, and if so, what?
Response by poster: Thanks. :) That's exactly what I needed to know. And kind of surprising, too.
posted by xyzzy at 2:26 AM on May 27, 2012
posted by xyzzy at 2:26 AM on May 27, 2012
Yes and no. The institutional cost of HIPAA is already insanely high. It's a good law in that it keeps your information from being disseminated to horrible people and organizations with hefty repercussions in place. But there's a practicality that has to be observed: as the document says, quick, effective, and high quality health care trumps health care privacy in situations where the burden would be too great.
In your specific case, I'm really surprised that the nurses used names. My fiancee's a nurse supervisor (though NOT on the ER unit, so that may be different) and I've *never* heard her refer to patients by name. When I'm visiting on the unit, they use room numbers exclusively. I'm pretty sure this is their SOP even when visitors aren't there.
They also have semi-private rooms, and some shared rooms, and sometimes they have to overflow into the hallway. (They're a large level 1 trauma center, and they're modernizing their ICU, for instance, so things will get interesting since they'll be splitting an overflow unit with the ICU now.)
This is unfortunate, but I think you have to think of HIPAA as a law intended to keep people from nefariously accessing and using your private health data against you (future employers, muckrakers, corporations looking to market to you, etc.), and not so much as a guarantee that no one else in the hospital where you're actively being treated will overhear anything. It's simply not reasonably actionable in any meaningful way for most cases (what are you going to do with the information you overheard, for instance, even if you're intent is evil) and if you require a higher standard of privacy, you can probably request that no problem.
ER wait times are brutal enough without them having to assign and move you to a private intake room just to listen to you talk about where it hurts, to put it bluntly. Most people just want to get admitted as quickly as possible.
Your quality of care is their top priority. Your privacy is on the list, absolutely, but it's further down, and that's why that document specifically still allows for listing conditions outside patients rooms ("high fall risk", "diabetic diet") and the like: it's more important that that information be readily accessible and well disseminated than it is to place a barrier to it that slows down your care or could jeopardize it.
posted by disillusioned at 2:52 AM on May 27, 2012 [5 favorites]
In your specific case, I'm really surprised that the nurses used names. My fiancee's a nurse supervisor (though NOT on the ER unit, so that may be different) and I've *never* heard her refer to patients by name. When I'm visiting on the unit, they use room numbers exclusively. I'm pretty sure this is their SOP even when visitors aren't there.
They also have semi-private rooms, and some shared rooms, and sometimes they have to overflow into the hallway. (They're a large level 1 trauma center, and they're modernizing their ICU, for instance, so things will get interesting since they'll be splitting an overflow unit with the ICU now.)
This is unfortunate, but I think you have to think of HIPAA as a law intended to keep people from nefariously accessing and using your private health data against you (future employers, muckrakers, corporations looking to market to you, etc.), and not so much as a guarantee that no one else in the hospital where you're actively being treated will overhear anything. It's simply not reasonably actionable in any meaningful way for most cases (what are you going to do with the information you overheard, for instance, even if you're intent is evil) and if you require a higher standard of privacy, you can probably request that no problem.
ER wait times are brutal enough without them having to assign and move you to a private intake room just to listen to you talk about where it hurts, to put it bluntly. Most people just want to get admitted as quickly as possible.
Your quality of care is their top priority. Your privacy is on the list, absolutely, but it's further down, and that's why that document specifically still allows for listing conditions outside patients rooms ("high fall risk", "diabetic diet") and the like: it's more important that that information be readily accessible and well disseminated than it is to place a barrier to it that slows down your care or could jeopardize it.
posted by disillusioned at 2:52 AM on May 27, 2012 [5 favorites]
It is also important to reflect upon how much money ERs lose for hospitals. Procedures have low reimbursement rates and the bad debt and charity care write offs are huge. If the government started to go after ERs for HIPAA, that would be just the excuse hospitals need to close their ERs.
posted by MattD at 4:41 AM on May 27, 2012
posted by MattD at 4:41 AM on May 27, 2012
Just popping in to say that I worked as a nurse's aid in a busy ER for a few years in college, and I couldn't have answered your question better than disillusioned has. We had a color system on our charts in which one color meant that we had to take more care than usual with privacy. It was always on the charts of minors, DV victims, patients of gang-related violence, and psych patients.
posted by Kevtaro at 5:04 AM on May 27, 2012
posted by Kevtaro at 5:04 AM on May 27, 2012
Best answer: Chances are the hospital has an ombudsman or patient advocate - why not call/send a note saying "I get that you have exigent circumstances, but the full names, addresses, etc. - come on, try a little."
Most hospitals (even emergency departments) that I've been in pay a little bit of attention to this, at least. The full names thing, I've never experienced - first names, yeah, but not surnames. No one really cares very much about symptom/diagnosis privacy (I have never been in a dedicated psych ER, but I have been in one where they did psych intake with everyone else.) But identity stuff they're a bit more cautious about, in my experience (which mostly predates HIPAA.)
posted by SMPA at 6:08 AM on May 27, 2012
Most hospitals (even emergency departments) that I've been in pay a little bit of attention to this, at least. The full names thing, I've never experienced - first names, yeah, but not surnames. No one really cares very much about symptom/diagnosis privacy (I have never been in a dedicated psych ER, but I have been in one where they did psych intake with everyone else.) But identity stuff they're a bit more cautious about, in my experience (which mostly predates HIPAA.)
posted by SMPA at 6:08 AM on May 27, 2012
Response by poster: Well, it wasn't really a typical ER. It's a dedicated psych ER that functions as a triage center for all the local hospitals. At the time I was there, it was deserted except for a couple of patients and about half a dozen staff members. I can totally understand not being able to control what everyone can hear at all times, but I truly was startled by the interview of a distressed patient IN the waiting room when there was literally an entire hallway of empty rooms. By the time he was done I knew where she lived, worked, some sordid details about why she was there, and the date of her last period. It was just so very odd. But apparently not any kind of violation, based on the document disillusion linked.
posted by xyzzy at 7:04 AM on May 27, 2012
posted by xyzzy at 7:04 AM on May 27, 2012
Maybe the person doing the intake had a reason to prefer being in a common area because of the patient's particular symptoms, or the incident that precipitated their arrival?
posted by snuffleupagus at 7:35 AM on May 27, 2012
posted by snuffleupagus at 7:35 AM on May 27, 2012
Best answer: My hospital has a prominent sign at the intake area that says something like "privacy of conversations in this area can not be guaranteed". In smaller writing it tells you you can request a private interview if you like. I assume that would take longer.
posted by ctmf at 11:53 AM on May 27, 2012
posted by ctmf at 11:53 AM on May 27, 2012
Best answer: HIPAA was passed to prevent employers, insurers and health care providers from discriminating against people based on their health conditions, and to protect people from having this information shared without their permission. It was not passed to make all health information so strictly secret and private that no human being can access or overhear it ever no matter what.
posted by croutonsupafreak at 1:06 PM on May 27, 2012
posted by croutonsupafreak at 1:06 PM on May 27, 2012
Best answer: I just took HIPAA and IRB confidentiality training last week. The course indicated that it was acceptable to talk about patients/subjects in public areas if reasonable discretion was used.
posted by easy, lucky, free at 8:05 PM on May 27, 2012
posted by easy, lucky, free at 8:05 PM on May 27, 2012
This thread is closed to new comments.
Relevant sections (though the entire document is relevant): Googled "hipaa emergency room intake", btw.
posted by disillusioned at 2:13 AM on May 27, 2012 [1 favorite]