Q The patient asks to bring someone in the exam room with you. Do you need to get written authorization to talk to the patient in front of that person?
A No – you can ask the patient if you can speak freely in front of the person. If you suspect abuse, you can ask the visitor to step outside for a few minutes while you examine the patient more thoroughly.
Q What about other friends and family who accompany the patient into the hospital?
A Try to establish a single person who can accompany the patient into the exam room, with the patient’s permission, and follow the above guideline. Document that this person is present as you examine and talk with the patient. Leave it to the patient or this person to share information with others.
Q The patient is unconscious or mentally incompetent. Can I call family or friends?
A Look for an Advance Directive for a contact person. If there is none, look for the person to notify listed on previous admissions. Lacking these, you will have to talk to whoever contacted police or ambulance for more information about who is the caregiver or next of kin for the patient. Act on the best information you can get, and release medical information only to the person you deem is the responsible party. Since you are dealing with an emergency situation, you will not be held liable for trying to act in the best interest of the patient.
Q You call another facility for information, and they refuse, based on HIPAA. What do you say?
A HIPAA does not restrict the flow of information for treatment purposes (reference 45 CFR section ). In addition, by virtue of the fact that you are working in an emergency room, denial of the request would be cause for a much bigger problem than release of information if the patient is adversely affected. Let the person who refuses know that you can report them to the Office for Civil Rights if they do not comply, and refer them to the OCR web page The only exception to this is HIV status, for which you do need a written authorization – form # 788.
Q Can you release information to another facility? Under what circumstances?
A You can release information to another Emergency Room, with the exception of HIV status. Call back and verify that you are talking to another hospital or emergency room. If it is not an emergency, refer it to the Health Information Management Department, ext If it is after business hours and is not an emergency, ask them to leave a message with contact information at that number. If a less than acute care facility calls for a patient who was recently there for continuing care and it is after hours, this may be released once you verify the caller by using the call back method.
Q Can you release information to a caller asking if the patient is here, or why the patient is here?
A Ask who you are talking to, and then you can verify whether the patient is here and the general condition. If it is the press, refer to Michael O’Connell or Kelly McDade in Community Relations.
Q Someone calls you saying he is the patient, and asks about his bill, wanting you to intercede for him. Can you talk to him?
A Ask the patient to send you something in writing, with name and date of birth. Say you cannot talk to him over the phone, because you need to verify who you are talking to, but will look at the issue once it is documented and resolve the issue with the appropriate department.
Q Can you call and leave a message at a patient’s home to call you back?
A You may leave a message using “Mount Auburn Hospital” as the caller, without specifying the department. You may leave a phone number. If you suspect the person may not want others knowing of this visit, ask the patient for how he or she wants to be reached if follow-up is needed.
Q Can you release information to another hospital Emergency Dept created by another provider?
A Yes – you can release this information for treatment purposes.
Q Can you release information to a law enforcement official’s oral or written request for the purpose of identifying or locating a suspect?
A The hospital may disclose only name and address, date and place of birth, social security number, ABO blood type and Rh factor*, type of injury *, date and time of treatment *, date and time of death *, and a description of distinguishing physical characteristics. Information noted by an asterisk may be disclosed only it the hospital in good faith believes the disclosure is necessary to prevent or lessen a serious danger to the patient or others.
Q Can you release psychiatric information to another ER?
A You may release the minimum necessary information to another Emergency Room in order to treat and safeguard the patient.
Q You are on the run and want to use your PDA to check on a patient; what precautions should you take?
A Any wireless device, including PDAs and laptops, is insecure when used in an insecure location, possibly exposing PHI to surfers. Never store passwords on your PDA, and consider encrypting any PHI. Any PHI saved on a PDA must be password protected. The MAH wireless system is a secure system that only allows devices that have an MAH issued wireless card access the network; a wireless PDA or laptop of a person without this card cannot jump on the system.
Q You want to do a study, which you have received approval for by the Privacy Board and IRB. Can you copy the data electronically and bring it home to work on it?
A No – HIPAA specifically forbids taking Protected Health Information and storing it off site. This also applies to patient records; it is prohibited to take them out in a car, off campus, or home.
Q What are the rules around HIV and exposure of EMT personnel?
A Any time there is an exposure of body fluids with a patient, the affected personnel should take an HIV test. The patient cannot be forced to take an HIV test, although there is legislation being contemplated.