I work in quality assurance (QA) at a large community hospital. Recently a nurse who also works here was hospitalized in our facility after a serious motor vehicle crash. Rumors were flying that he might not make it. Without thinking, I looked him up in the computer just to check on his condition. (Thankfully, he's now recovering.)
My audits are monitored and he was a nonapplicable patient. My manager has informed me that I violated his privacy.
Even though I wasn't looking for any personal information, I know what I did was wrong. Never in all my years in QA have I done something like this. I'm so upset with myself that I can't sleep at night. How do I fix this?-P.M., IND.
Everyone makes mistakes. In this case, you strayed from professional behavior under the stress of a life-and-death situation, which led you to suspend your normal good judgment. I'm surprised that your manager discussed this with you but didn't help you create an action plan for remedying the situation.
I suggest that you and your manager follow the usual hospital policy in filling out an event report, discussing the situation and the report with the hospital's risk manager. To demonstrate that you understand the seriousness of the breach, be proactive and offer to complete a continuing-education course on your responsibility to protect patient privacy.
You might also suggest that the hospital develop a policy and procedure for sharing confidential information about employees who are also patients in a way that meets all guidelines under the Health Insurance Portability and Accountability Act. For example, information could be released through a designated hospital spokesperson with the family's approval.
Employees need to know which information channels they can safely and appropriately turn to when a colleague is hospitalized where they work. Maybe you could help develop such a policy.