1. Section Editor(s): Brooke, Penny Simpson APRN, MS, JD

Article Content

In my unit, we recently switched to a computerized documentation system. Yesterday the attending physician came by and asked to get on my terminal for a minute to check on one of his patients. He said he was in a hurry and couldn't remember his password. I said okay and let him on. Then he checked on all his other patients too!! Could I get into legal trouble when my password is used to check on patients who aren't assigned to me? -C. L., OHIO


Yes!! You should never share your personal password or allow anyone access to patient records with your password. Under privacy standards mandated by the Healthcare Insurance Portability and Accountability Act (HIPAA), a patient's confidential information must be protected from anyone who hasn't received explicit permission from the patient or who doesn't need to know the information in order to care for him. You met neither of these conditions for most of the patient records the physician accessed.


By using your password, the physician created a record that you viewed information on patients you don't care for. Expect to be contacted by your hospital's compliance officer when the computer flags your password for inappropriate use.


This may seem like an innocent mistake, but some hospitals have a notolerance policy for HIPAA violations and won't even listen to explanations for a violation. You'd better hope that this physician will back you up and that the hospital's policy doesn't require immediate termination of employment for this HIPAA violation.


As a nurse, you're a team player who wants to help out others. But doing a colleague a favor like this will come back to haunt you. Next time anyone asks to "borrow" your computer, explain the HIPAA regulations and just say no.