Response To Compliance Management Scenario

1265 Words6 Pages
Response to Compliance Management Scenario Compliance management in a complicated and ever expanding portion of the Health Information Management (HIM) field. As federal, state and local laws are created and revised, HIM professionals must stay current of not only the regulations but also the consequences of non-compliance. Along with federal, state and local laws, attention must be paid to the guidelines of various accreditation and credentialing bodies. Scenario Mistakes, Type of Violation and Preventative Solution There are several mistakes made in the provided Compliance Management Scenario. These mistakes include the nurse’s public announcement of the issue, Sue’s access of the chart to discover information about the patient’s diagnosis,…show more content…
This type of disclosure is an organizational violation, but could also lead to legal ramifications as well. Incidental disclosure of protected health information is not considered to be a “violation of the HIPAA medical privacy regulation provided the covered entity has applied reasonable safeguards” (Hatton, 2003) to help prevent them. This error also has the potential to cause distrust in the patient that the nurse is transporting, causing them to lose faith in the company. The nurse stopped Sue in the hallway (a public space), while transporting another patient, to tell Sue that there was an issue. The nurse made no attempt to keep the issue private and rattled of the details in front of the escorted patient, even though the situation was not an emergency or life threatening. This, in turn, lead to the incidental disclosure of Joseph Stevens’ health information. To help prevent this mistake in the future, Sue and the compliance officer should work together to institute training that educates employees on incidental disclosure and how to minimize the occurrence. Another aspect of this mistake, is that Sue did nothing to dissuade the nurse from continuing the discussion in front of the patient and in a public space. Sue should have invited the nurse to come to her office…show more content…
“A breach is, generally, an impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of the protected health information.” (Office for Civil Rights (OCR), 2013) This definition accurately describes what took place in Mr. Steven’s situation. Sue should have taken the time to reach out to Mr. Steven, not only to inform him of the breach (which should also be done in writing,) but also to let him know that the situation was being handled in an appropriate manner. This would have helped Mr. Steven’s view of the practice and also may have helped him not to lose faith in the organization. Not notifiying the patient of the breach is a legal violation of the HIPAA law(s.) It is also an organizational

More about Response To Compliance Management Scenario

Open Document