Advice about HIPAA issue

[Disney Doll]

Exactly, but in order for the privacy officer to do this they will have to be given a name. The majority of the responses I saw here are telling mom to just request a list of names period. That's not sufficient proof.

It's sufficient to start.

OP gets a list of names as to who accessed the chart.

Dr.ER Mom is on it.

OP then goes back and tells the Privacy Officer that she would like to know why Dr.ER Mom accessed her son's medical record. She can tell the Privacy Officer some background detail at that point as to why she is concerned about a HIPAA violation.

Privacy Officer then asks Dr.ER Mom why she accessed the medical record. If Dr. ER Mom has a good reason, then so be it.

There is still the issue of Dr.ER Mom's child knowing details of the medical record however. If Dr.ER Mom had a legitimate reason to access the record (ie-asked to consult on the case) it would still beg the question "Did you discuss this with your daughter because your daughter told the patient details about his medical record that she should not have known".

That's where it could get tricky in terms of "he said, she said". Remember the OP's son did not hear this 2nd or 3rd hand...the child of this ER MD came to the OP's son and said it directly. It would then be up to the Privacy Officer to do more reasearch and make some kind of determination.

Frankly it would be better for the Dr.ER Mom to not have her name appear on the list of people who accessed the medical record because then it could chalked up to a teenager blabbing & knowing just enough to make herself sound "authentic". In that case, I might consider being nice to Dr.ER Mom by letting her know that her DD is going around telling people that her Mom accessed medical records and that as her Mom, she might want advise her lying blabbermouth kid as to the possible repercussions of doing that.

Frankly, as an RN, privacy violations infuriate me and perpetrators of them get absolutely no sympathy from me. Patients trust us to keep their private information private. I wouldn't like it of someone who had no business doing so was looking at my private information and I also wouldn't like it if someone who did have some reason to look at my private info (ie-direct caregiver) then went and blabbed it all over town. It is the epitome of unprofessional behavior IMHO and those who do it deserve to be punished.

 

[zurgswife]

Exactly, but in order for the privacy officer to do this they will have to be given a name. The majority of the responses I saw here are telling mom to just request a list of names period. That's not sufficient proof.

There are many responses that state get the list. If her name is on it then follow up accordingly. I think the OP understands that there are additional steps if after the obtaining the list if the Dr. ERs name is on the list.

 

[chloelovesdisney]

There are many responses that state get the list. If her name is on it then follow up accordingly. I think the OP understands that there are additional steps if after the obtaining the list if the Dr. ERs name is on the list.

Ditto. BTW, she doesn't have to talk about it for it to be a violation, she only has to access the record.

The chance of her being a consult on a straightforward case from another institution is almost 0%, and if she was, there will be a record of the consult and her findings, even if it's one sentence long.

If her name is not on the list and mom wants further follow up, the Privacy Officer can call in the ER/radiology staff and ask if anyone has contacted them regarding his records. They still don't have to disclose the doctor's name to anyone.

 

[Ceila]

Exactly, but in order for the privacy officer to do this they will have to be given a name. The majority of the responses I saw here are telling mom to just request a list of names period. That's not sufficient proof.

Nobody said it was sufficient proof. It's the starting point, which I'm sure the OP understands.

 

[hiwaygal]

Nobody said it was sufficient proof. It's the starting point, which I'm sure the OP understands.

I hope so!

Holy Moly all this "what if"...the bottom line is the OP has the right to request an audit of her son's records (yes she has the right as the parent of a minor child).

If the ER doc's name is on there, then she can move forward with the help of the HIPAA compliance officer/Privacy Officer.

If the ER doc's name is not there, the issue is closed.

 

[chloelovesdisney]

I hope so!

Holy Moly all this "what if"...the bottom line is the OP has the right to request an audit of her son's records (yes she has the right as the parent of a minor child).

If the ER doc's name is on there, then she can move forward with the help of the HIPAA compliance officer/Privacy Officer.

If the ER doc's name is not there, the issue is closed.

I think the pp was trying to make the point that if the ER doc's name is not on there, there's the possibility that she called a colleague to get the info.

 

[hiwaygal]

I think the pp was trying to make the point that if the ER doc's name is not on there, there's the possibility that she called a colleague to get the info.

That would be a separate issue...one that the HIPAA compliance officer could handle and IMO should be reported.

But that's not quite what the OP said:

Now, about a month after this incident, DS heard from another student (who knows all the kids involved) that her mother, who is an ER doctor at a different hospital and who has never treated my son, accessed his CT records and determined that it was not a "medical concussion" because the CT did not show scarring, that the doctor at that the original ER did not know what she was doing, and that my DS is a "baby."

If OP clarified later, I may have missed it.

Most importantly, IMO, the OP should not be worried about the doctor's reputation. Her first priority and concern is her son.

 

[badblackpug]

A few things. I would contact the mother 1st, but that is me. I am not one to drag the "powers that be" into things, unless necessary. I am also not afraid of confrontation, but again, that is my personality. If I spoke to the mother and got the vibe she was not being honest, I may then request the records. Contacting the mother does not have to be confrontational or hostile. For instance, "My son said that your daughter told him that you looked at his CT scans. I wanted you to know because I know HIPAA violations are taken quite seriously, and I would hate for your job to be jeopardized over teen drama." I would judge her reaction from there. If I thought she was "off" I might pursue it further.

If I did pursue it and found out that the girl was blowing a lot of smoke, I definitely would NOT have the school handle this. There is enough BS going on in school with the OP's son, this would be adding one more tattle accusation to fuel the teasing fire. I would privately approach the mother, tell her what was said, and tell her that I really want all this drama to just end, but that I think it's important for her to know the professional position that her daughter put her in.

I think the more people that get drug into these things, the more it fuels the fire.

I still, very seriously, doubt if it even happened. I think it is just this girl's way of further shaming the OP's son by making him seem like a wimp, or like he made everything up. Again, typical teen drama. I am a nurse, my husband a doc, we would never come home and tell our kids private details of one of their classmates medical records. It would just be stupid to jeopardize years of hard work and all that money spent on a medical education over silly teen drama.

 

[Pea-n-Me]

I'm seeking unbiased advice here!

My DS 15 was hit in the head at school by another student. The hit was intentional. DS was confused and could not remember details from his day, but he never lost consciousness. Because of his symptoms, we took him to the ER. They did a CT which was clear, but the ER doctor said he had a mild concussion and should not do PE for two weeks and could stay home from school for 5 days (she wrote him an absence excuse).

He returned to school the next day and took his final exams because he did not want to put them off until after the holidays, but still felt lousy for a few more days.

We and his teachers reported the incident to the school, so the guy who hit him was punished according to school policy. This incident has caused quite a bit of personal trouble for DS because a couple the kids who were his friends no longer speak to him; they blame him for the kid getting in trouble. But we are dealing with that!

Now, about a month after this incident, DS heard from another student (who knows all the kids involved) that her mother, who is an ER doctor at a different hospital and who has never treated my son, accessed his CT records and determined that it was not a "medical concussion" because the CT did not show scarring, that the doctor at that the original ER did not know what she was doing, and that my DS is a "baby."

I am upset that she was looking at his records when she had no business doing so and that she told her daughter about this as well.

Does anyone have advice about what I should do? Should I report this to the hospital? To the federal government as a HIPAA violation? Any thoughts?

I haven't read the whole thread.

My son has had two head CTs for sports injuries. Both times they wouldn't have done them but for 1) the first time there was a suspicion of a fractured cheekbone and 2) the second time he had very mild left sided weakness of his extremities and one of the doctors thought she felt a depression in his skull so they wanted to rule out skull fracture. Otherwise they said they would not have done CTs because of the radiation exposure but they also said that a CT wouldn't really show anything on a basic concussion. This was in the ER at Boston's Children's Hospital where they are leading edge in concussions. So the bolded really doesn't make medical sense to me; it sounds more like hogwash.

Other things that come out at me: Oftentimes hospitals do not have connecting medical records systems, so it's doubtful whether someone at one hospital could access records from another, unless the hospitals have an affiliation. Second, a doctor would know full well that accessing a record in that fashion could well result in disciplinary action or even termination. I doubt she would risk it. (I know I wouldn't; and don't - ever.) We are tested on our understanding of this every year and have to sign to that effect. Same for everyone working in the hospital.

When my son had his concussions, he was told not to focus on anything at all for more than 5 minutes; that if he got a headache he was to put his head down right away. It made it difficult to do schoolwork. There's no way he would have taken exams at that time. I recognize that understanding and communication about this isn't optimal. It's getting better since concussions are becoming more understood, but we should really all be on the same page about it and right now, we're not. It was kind of frustrating. I hope your son is doing better.

 

[DisneyATlast]

A few things. I would contact the mother 1st, but that is me. I am not one to drag the "powers that be" into things, unless necessary. I am also not afraid of confrontation, but again, that is my personality. If I spoke to the mother and got the vibe she was not being honest, I may then request the records. Contacting the mother does not have to be confrontational or hostile. For instance, "My son said that your daughter told him that you looked at his CT scans. I wanted you to know because I know HIPAA violations are taken quite seriously, and I would hate for your job to be jeopardized over teen drama." I would judge her reaction from there. If I thought she was "off" I might pursue it further.

If I did pursue it and found out that the girl was blowing a lot of smoke, I definitely would NOT have the school handle this. There is enough BS going on in school with the OP's son, this would be adding one more tattle accusation to fuel the teasing fire. I would privately approach the mother, tell her what was said, and tell her that I really want all this drama to just end, but that I think it's important for her to know the professional position that her daughter put her in.

I think the more people that get drug into these things, the more it fuels the fire.

I still, very seriously, doubt if it even happened. I think it is just this girl's way of further shaming the OP's son by making him seem like a wimp, or like he made everything up. Again, typical teen drama. I am a nurse, my husband a doc, we would never come home and tell our kids private details of one of their classmates medical records. It would just be stupid to jeopardize years of hard work and all that money spent on a medical education over silly teen drama.

This is exactly how I feel. Exactly.

I'm not sure why people think that just because this girl talked about a "medical concussion" that means the mom MUST have accessed and disclosed PHI!!
I'm not afraid of confrontation either which is why I'm not afraid to confront the source of problems.

It's obvious from this thread alone (full of grown adults) that people like to throw around names/titles. "My aunt, sister, cousin is an RN and she says..." Now, think about what that would sound like amongst a group of teenagers.

I just had to contact my supervisor last night when some guy was going around telling everybody that he knows her and "wait until she comes back to work on Monday! I'm going to be having a talk with her, etc." In reality, she has no idea who he is, but he apparently knows someone who knows her.

You never know. It could be true, but I highly doubt it. I don't talk about patients EVER, not even with my husband....much less with my kids. If I had to guess, I would say the conversation went more like this.

Teen girl: "Mom, there's this kid at school who says he had a concussion after Billy hit him in the head. Now, Billy is going to get in trouble because he had to go to the ER and had all these problems with his brain and he can never play sports again, but then the next day he was back at school taking exams."

Mom: "Well, he could've had a concussion, but it might not have been that serious. He should probably be out of school for at least a day though. Who knows."

Teen girl: "Yeah, he was right back to school. He's just a baby."

Mom: (while typing on DIS boards) "Yeah."

Now, the MD mom has now looked at the CT scan herself, called "this kid at school" by name, given him a diagnosis, and called him a baby.

I've gotten pretty used to hearing people say they're going to sue the entire hospital so this whole scenario and the suggestions probably shouldn't surprise me, but it has.

 

[hiwaygal]

It's obvious from this thread alone (full of grown adults) that people like to throw around names/titles. "My aunt, sister, cousin is an RN and she says..." Now, think about what that would sound like amongst a group of teenagers.

So why is your take on the situation any more valid than anyone else's?

From the original post, the daughter said her mother read the scans. Whether true or not it is an implication of the violation of a privacy law.

The OP can find out if the law was actually violated or not. If it was, she can then choose her next step. If it wasn't NO ONE was harmed by her requesting that her child's records be audited for unauthorized access.

 

[sam_gordon]

I'm not sure why people think that just because this girl talked about a "medical concussion" that means the mom MUST have accessed and disclosed PHI!!

To me, the teen girl saying "the CT didn't show scarring" is what makes me think she did possibly hear something from the mother. MAYBE.

I still think it's worth asking at the hospital for the list of who saw the medical files. Without naming any names, why should there be any kind of backlash?

 

[badblackpug]

So why is your take on the situation any more valid than anyone else's?

From the original post, the daughter said her mother read the scans. Whether true or not it is an implication of the violation of a privacy law.

The OP can find out if the law was actually violated or not. If it was, she can then choose her next step. If it wasn't NO ONE was harmed by her requesting that her child's records be audited for unauthorized access.

I don't think she said her take was more valid, I think she, like I, would handle the situation very differently.

Again, I am not a person whose 1st line of defense is to make things "official," especially if I had doubts about the situation. I would attempt to resolve it on a civilized parent to parent level. If I didn't feel I had resolution in the situation or I felt that the mother wasn't truthful, I'd move on from there.

It's a different perspective.

The OP's son is being teased in school. Teenaged kids love to dog pile, particularly girls. "Little boys play war, little girls wage war." I think this was a little fib she threw out to lend credence to her teasing. Kind of like "my big brother is gonna beat you up!" but only on a more "mature" scale.

Rather than make a big hoopla, I would approach the mother and say, "Look, we have a situation here..."

I realize some people might not be comfortable doing that.

 

[OceanAnnie]

I don't think she said her take was more valid, I think she, like I, would handle the situation very differently.

Again, I am not a person whose 1st line of defense is to make things "official," especially if I had doubts about the situation. I would attempt to resolve it on a civilized parent to parent level. If I didn't feel I had resolution in the situation or I felt that the mother wasn't truthful, I'd move on from there.

It's a different perspective.

The OP's son is being teased in school. Teenaged kids love to dog pile, particularly girls. "Little boys play war, little girls wage war." I think this was a little fib she threw out to lend credence to her teasing. Kind of like "my big brother is gonna beat you up!" but only on a more "mature" scale.

Rather than make a big hoopla, I would approach the mother and say, "Look, we have a situation here..."

I realize some people might not be comfortable doing that.

I understand your POV. To me, saying, "We have a situation here.", kinda puts a team vibe out there. I wouldn't be feeling it.

Everyone is different. There are channels for this sort of thing, I'd make use of them. There is nothing wrong with either way.

 

[hiwaygal]

I don't think she said her take was more valid, I think she, like I, would handle the situation very differently.

Again, I am not a person whose 1st line of defense is to make things "official," especially if I had doubts about the situation. I would attempt to resolve it on a civilized parent to parent level. If I didn't feel I had resolution in the situation or I felt that the mother wasn't truthful, I'd move on from there.

It's a different perspective.

The OP's son is being teased in school. Teenaged kids love to dog pile, particularly girls. "Little boys play war, little girls wage war." I think this was a little fib she threw out to lend credence to her teasing. Kind of like "my big brother is gonna beat you up!" but only on a more "mature" scale.

Rather than make a big hoopla, I would approach the mother and say, "Look, we have a situation here..."

I realize some people might not be comfortable doing that.

Fair enough. And if the ER doc mom is someone the OP knows enough to talk about it with, I can understand that option. But if the OP has never talked to this parent, starting an acquaintance in this way would be awkward to say the least. IMO that has the potential to go bad quickly. By contacting the Privacy Official, it's completely anonymous unless or until it isn't.

 

[sunshinehighway]

I don't think she said her take was more valid, I think she, like I, would handle the situation very differently.

Again, I am not a person whose 1st line of defense is to make things "official," especially if I had doubts about the situation. I would attempt to resolve it on a civilized parent to parent level. If I didn't feel I had resolution in the situation or I felt that the mother wasn't truthful, I'd move on from there.

It's a different perspective.

The OP's son is being teased in school. Teenaged kids love to dog pile, particularly girls. "Little boys play war, little girls wage war." I think this was a little fib she threw out to lend credence to her teasing. Kind of like "my big brother is gonna beat you up!" but only on a more "mature" scale.

Rather than make a big hoopla, I would approach the mother and say, "Look, we have a situation here..."

I realize some people might not be comfortable doing that.

I don't see the point of talking to the mother first. If she is the type of person to look and tell her daughter, she's not going to be honest or she maybe she'd get defensive and decide to wage her own war against the op and her son.

If she didn't look, Its not going to help the op's son at school. He'll just have more problems because he "ran and tattled to his mommy on the girl" and got her in trouble. If she's the type to make this all up and call him a baby, she's the type that his mother talking to her mother will only make her worse.

 

[teacup princess]

I didn't read the whole thread but, no, I wouldn't report her. I talk to the mother privately, though. Hippa has just become one more law that gives our litigious society another reason to sue each other. Reporting her will do nothing to protect or benefit your son. Should she have done it if true? No. Ask yourself- Is getting in on the drama and getting even with her or the other kids involved worth potentially harming her career? Is it worth further inflaming the situation for your son more?

 

[badblackpug]

I don't see the point of talking to the mother first. If she is the type of person to look and tell her daughter, she's not going to be honest or she maybe she'd get defensive and decide to wage her own war against the op and her son.

If she didn't look, Its not going to help the op's son at school. He'll just have more problems because he "ran and tattled to his mommy on the girl" and got her in trouble. If she's the type to make this all up and call him a baby, she's the type that his mother talking to her mother will only make her worse.

This won't end well for her son, no matter what happens. Whether she approaches the mother, or whether she requests the records, or both, he is still going to be the kid that tattled to mommy. It's already out there that he is a "baby" and a "snitch." It's just going to keep snowballing. Unfortunately, that is how teenagers are.

The issue I have, here, is that everyone automatically believes the mother did it, and is, basically, adopting a "guilty until proven innocent" stand. They are judging the mother (without knowing her) based on the actions of the daughter. Everyone is assuming this woman is some sort of horrible person, might she be? Yes, but she might also be a perfectly normal parent to a perfectly normal teen girl, who has no idea what crap her little princess is spewing at school.

I get everyone's desire to always defend and believe your kids. I get feeling angry because your kid is hurt. As a parent, I would hope that another parent would give me the benefit of the doubt and have enough respect for me, as an adult and parent, to have a civilized discussion. I know on the Dis there is a higher than average percentage of gifted and perfect children, but having been a teenaged girl, and having a teenaged girl, I know how they can be. I would hope that a reasonable parent wouldn't, automatically, assume I was a horrible person based on my teenaged girl, acting like a teenaged girl. Just think how you (general you) would like to be treated in this situation. I would much rather a parent approach me, than make trouble on my job.

There are 3 sides to every story, this one included. What the OP's son says, what the girl says, and the truth, which is probably somewhere in between the 2 stories.

 

[hiwaygal]

The son doesn't need to know.

No one besides the OP and the Privacy Officer needs to know.

UNLESS the ER doc mom actually did access the records, then I'm pretty sure the hospital will take over.

And I don't think the doc is automatically "guilty". In fact, I'm pretty sure that she would not risk her license and career to participate in high school drama. But it's easy enough to find out the truth and does no harm to anyone.

 

[sunshinehighway]

This won't end well for her son, no matter what happens. Whether she approaches the mother, or whether she requests the records, or both, he is still going to be the kid that tattled to mommy. It's already out there that he is a "baby" and a "snitch." It's just going to keep snowballing. Unfortunately, that is how teenagers are.

The issue I have, here, is that everyone automatically believes the mother did it, and is, basically, adopting a "guilty until proven innocent" stand. They are judging the mother (without knowing her) based on the actions of the daughter. Everyone is assuming this woman is some sort of horrible person, might she be? Yes, but she might also be a perfectly normal parent to a perfectly normal teen girl, who has no idea what crap her little princess is spewing at school.

I get everyone's desire to always defend and believe your kids. I get feeling angry because your kid is hurt. As a parent, I would hope that another parent would give me the benefit of the doubt and have enough respect for me, as an adult and parent, to have a civilized discussion. I know on the Dis there is a higher than average percentage of gifted and perfect children, but having been a teenaged girl, and having a teenaged girl, I know how they can be. I would hope that a reasonable parent wouldn't, automatically, assume I was a horrible person based on my teenaged girl, acting like a teenaged girl. Just think how you (general you) would like to be treated in this situation. I would much rather a parent approach me, than make trouble on my job.

There are 3 sides to every story, this one included. What the OP's son says, what the girl says, and the truth, which is probably somewhere in between the 2 stories.

I don't think posters are assuming she did it. Some posters think its more of a possibility than others. I understand you think its highly unlikely, others don't feel that way.There was a poster further back that admitted she would have been tempted to look. It seems the best way to know is to ask the appropriate person at the hospital. That's the only way to find it if she looked or not.

I think the 3 sides thing can be overused. Either the girl said what she said or she didn't.