Explore BrainMass
Share

HIPAA Violation Scenarios

This content was COPIED from BrainMass.com - View the original, and get the already-completed solution here!

What changes need to be recommended to ensure data security and privacy compliance under HIPAA (1996)?

Compliance Concern #1

PFCH Email Record
From: Vertie Matza <vertie.matza@pfch.net>
To: Fredric Adair; Eleanore Thacker; Caterina Hossack
Date: April 25
Subject: Unauthorized disclosure of patient information
As you know, Hayden Samual Barrett, II, the esteemed governor of our state has been in our hospital for surgery and is still an inpatient. As we discussed prior to admission, he wanted the admission to remain private in light of controversial politics issues currently in the media. Prior to admission, I assured him that no one would know of the admission unless he desired them to know.
However, last night the evening news on channels 4, 6, and 10 ran the story of the governor's admission to our hospital. I have been in contact with the news stations and they will honor the governor's request and not run further stories about his admission. However, the information has already been leaked in last night's story. The media obviously can't tell me their source, but did indicate it was an employee of the facility. We will need to investigate internally to see if we can determine the source of the leak of the information.
Vertie Matza, Director - Public Relations
Please consider the environment before printing this email.
This message is private and confidential. If you have received it in error, please contact the sender immediately and delete it from your system.

PATTON - FULLER COMMUNITY HOSPITAL
From: Eleanore Thacker, Dir. of Nursing (Medical/Surgical)
To: Fredric Adair, Chief Compliance Officer; Caterina Hossack, Chief Nursing
Officer
cc: Nadene Saetteurn, Chief Human Resources Officer
Date: May 15
Re: Unauthorized access of medical records - Barrett, Hayden Samual
In response to your email on the first of this month, I have reviewed patient care files to determine which employees needed access to the patient file information of Hayden Samual Barrett, II in order to provide clinical care. The following employees were authorized under HIPAA to view the file information in order to provide patient care.
• Darwin Castello
• Delma Flora
• Tyron Glasgow
• Chloe Rafey
Further, in reviewing training files, it appears that all employees providing clinical care have received training on HIPAA within the year. The only employee on your list who did not receive training was Dawn Sage.

PFCH Email Record
From: Nadene Saetteurn <nadene.saetteurn@pfch.net>
To: Fredric Adair
Subject: Unauthorized release of medical information - Governor
In light of the recent public release of information about the governors stay in our hospital, I have interviewed all employees listed on the May 1, memo. In these interviews Bennie Bellamy has disclosed that he contacted the media and disclosed that the Governor was staying in our hospital.
It will fall on the nursing department to follow-up with the employee for his violation of the HIPAA privacy law. If you need any assistance with this follow-up please let me know.
Nadene Saetteurn, Chief Human Resources Officer
Please consider the environment before printing this email.
This message is private and confidential. If you have received it in error, please contact the sender immediately and delete it from your system.

Compliance Concern #2

PFCH Email Record
From: Wilburn Downs <wilburn.downs@pfch.net>
To: Fredric Adair
cc: Zachary Hardie
Date: Jun. 15
Subject: Data Security Breach
I regret to inform you that yesterday we were moving CD's with patient information regarding 1,000 hospital patients from the storage unit where they were being stored to the hospital for better safe keeping. Enroute to the hospital, the courier was stopped for speeding and got out of his car to talk to the police officer. When he returned to the vehicle, the CD's with the patient information were missing. He immediately reported the loss upon return to the hospital. He has retraced his route, looked in the surrounding area where he was stopped, and in other locations, but can not find the missing CD's. The data on the CD's was not encrypted and would be readable by anyone finding the CD's. We have the back-up CD's on site with the patient information, so the big concern is the privacy breach.
Wilburn Downs, Director - Information Technology
Please consider the environment before printing this email.
This message is private and confidential. If you have received it in error, please contact the sender immediately and delete it from your system.

PFCH Email Record
From: Nadene Saetteurn <nadene.saetteurn@pfch.net>
To: Fredric Adair
Date: Jun. 20
Subject: Re: Data Security Breach
Per your request I have reviewed the employment status of the courier who was on duty the day the CD's with patient information were lost.
The courier was filling in for the day as a temporary employee through ABC Employment Agency. His name was Sebastian Tresch. He performed temporary work for us for two days on June 13, 2010 and June 14, 2010.
Let me know if you need further information or if I can be of more
assistance in this matter.
Nadene Saetteurn, Chief Human Resources Officer
Please consider the environment before printing this email.
This message is private and confidential. If you have received
it in error, please contact the sender immediately and delete it
from your system.

DIRECTOR OF QA / RISK MANAGEMENT
Date Patient Employee Reports are below
03/19/2010 Maguet, Yahaira Hudspeth, Joan
04/10/2010 Eskra, Janessa Flora, Delma
04/12/2010 Maves, Dorsey Mares, Darnell
04/20/2010 Garcia, Pablo
Garcia, Maria Hudspeth, Joan
04/30/2010 Preuss, Blaine
Jenquin, Joshua Castillo, Darwin
05/10/2010 Pecoraino, Ronny Hudspeth, Joan
05/12/2010 Johnson, Yasmin Ashley, Teresa

1.
PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Yahaira Maguet
Employee Name: Joan Hudspeth, R.N.
Date: 3/19/10
Time: 21:35
Incident Description: Hydromorphone was given instead of morphine for a patient in pain.
Patient Response: This resulted in an overdose to the patient who went into respiratory arrest.
Clinical Response: The arrest team was able to resuscitate the patient. The doctor was informed and the patient has had no long term effects.

2.

PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Janessa Eskra
Employee Name: Delma Flora, R.N.
Date: 04/10/10
Time: 07:15
Incident Description: Medication prescription was written as 5U. Nurse read the handwritten prescription as 50 and gave dose that was 10 times what was ordered.
Patient Response: The patient was lethargic for 4 hours, then the effects wore off and patient resumed normal mental status.
Clinical Response: Nurse Flora notified the doctor and a drug to counter the overdose was ordered. It was administered as soon as available.
3.
PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Dorsey Maves
Employee Name: Darnell Mares, R.N.
Date: April 12, 2010
Time: 03:54
Incident Description: Topril was given instead of Topramax.
Patient Response: The patient had a seizure because he did not receive the topramax.
Clinical Response: Nurse Mares was present during the seizure, there was no harm during the seizure, and topramax was administered late.

4.
PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Pablo Garcia, Maria Garcia
Employee Name:Joan Hudspeth
Date: 04/20/10
Time: 22:35
Incident Description: Pablo Garcia was given the prednisone ordered for Maria Garcia.
Patient Response: The medication dose did not result in any change in symptoms for Pablo Garcia. Maria Garcia was given her medication late when the error was determined.
Clinical Response: Both patients were monitored to determine any impact.

5.
PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Blaine Preuss, Joshua Jenquin
Employee Name: Darwin Castillo, R.N.
Date: 4/30/10
Time: 00:45
Incident Description: Blaine Preuss was given a Demerol shot for pain that was intended for Joshua Jenquin.
Patient Response: Preuss was heavily sedated and minimally responsive for several hours. The physician came in to evaluate and elected to have him sleep it off. Joshua Jenquin suffered severe pain (rated at 8 on a scale of 8/10) for several hours before he received the shot when next scheduled several hours later.
Clinical Response: Physician evaluation of Blaine Preuss

6.
PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Ronny Pecoraino
Employee Name: Joan Hudspeth, R.N.
Date: 05/10/2010
Time: 9:30 - 23:53
Incident Description: Maximum dose of heparin was given 3 times in one day. The order was written to titrate the dose based on patient lab levels. Lab levels came back and showed that the patient should have received the minimum dose the second time and no dose the third time.
Patient Response: Ronny started to bleed from his wound. The hospitalist arrived to try to control bleeding, but was not able to stop it. Mr. Pecoraino died at 23:53.
Clinical Response: Hospitalist intervened, but was unable to save the patient.

7.
PATTON - FULLER COMMUNITY HOSPITAL
Incident Report Form
Patient Name: Yasmin Johnson
Employee Name: Teresa Ashley, R.N.
Date: 05/12/10
Time: 11:36
Incident Description: Blood was ordered for Alaine Johnson, but administered to Yasmin Johnson. Yasmin Johnson is B+ and Alaine Johnson is A+.
Patient Response: Yasmin Johnson had a severe reaction to the mismatched blood, went into shock, and was transferred to ICU.
Clinical Response: ICU monitored her condition.

© BrainMass Inc. brainmass.com March 22, 2019, 3:14 am ad1c9bdddf
https://brainmass.com/health-sciences/healthcare-disciplines/hipaa-violation-scenarios-606794

Attachments

Solution Preview

Scenario 1
Wow. Straight from the desk of the Obvious Department, it has been deemed that the employee who called the news station should have known better. Therefore, this needs to be dealt with swiftly and without forgiveness. It was wildly inappropriate for the employee, Bennie Bellamy, to call the news and disclose that the governor was staying at their hospital. This is grounds for termination and the Human ...

Solution Summary

HIPAA violation scenarios are examined. The changes and recommendations to ensure data security and privacy compliance under HIPAA are examined.

$2.19