A few days ago I asked a hospital to send me an Itemized bill for one of my employee's so I could make sure it was correct so I Could pay their Hospital bill , ( Work related injury ) . They did , send the confidentiality cover sheet and all ...
Yesterday I look on my rapid fax account ( I Dont check it on a regular basis) and there are 2 more medical bills from the hospital system ( HCA not even the same hospital Im in TX these were in CO ) but for 2 DIFFERENT patients. I think some one was not paying attention and left my cover sheet on these bills and faxed them to me w/ out even thinking about it. I Called the hosptial to inform them and No one seemed really conerened about it. This info had ppls' DOB's , Address' and what they were in the hospital for .
I never could speak to the correct department who actually SENT The fax. Im really thinking of sending the bills TO THE PATIENTS and informing them that this happened .I Know if someone else had my medical records I would want to know .
What do you think ? I was going to shred them today , until I thought " I wonder if i should send them to the patients " I want to make sure someone know's this was wrong . Besides a huge violation of HIPPA you run the risk of ID Theft ?
Any advice ?
Thanks
Mindy
Full Version: HUGE Violation of HIPPA ... What would you do ?
Anyone ? Have any suggetions ?
Mindy
Mindy
You are absolutely right, this is a serious matter and something the hospital needs to be aware of as a potential problem.
You might try calling the hospital again and speak to someone in Risk Management. Those folks will sit up and take notice.
Another option... Send a nice letter to the CEO and enclose the copies as you recieved them. That is sure to get some attention.
Then there is the option of sending them to the patient with an explanation of how you got them and let them duke it out with the hospital Or shred them and let it go.
Or any combination of the above.
I am sure it was an honest mistake. What appears to be a lacksidaisical attitude may simply have to do with feeling that the damage was already done and perhaps a little bit of "well I didnt do it so it's not my problem" which is sad.
Personally I'd call risk management and see what they say, if they also seem to care less I'd send them to both the patient AND the CEO and tell the CEO what you had already done to bring this to their attention.
But that is just my opinion. For what it's worth I've spent the last 19 years in the medical professional and while HIPPA can be a bit of a pain it was created for very good reasons so breaches should be taken seriously, even if by accident. (IMHO)
D
You might try calling the hospital again and speak to someone in Risk Management. Those folks will sit up and take notice.
Another option... Send a nice letter to the CEO and enclose the copies as you recieved them. That is sure to get some attention.
Then there is the option of sending them to the patient with an explanation of how you got them and let them duke it out with the hospital Or shred them and let it go.
Or any combination of the above.
I am sure it was an honest mistake. What appears to be a lacksidaisical attitude may simply have to do with feeling that the damage was already done and perhaps a little bit of "well I didnt do it so it's not my problem" which is sad.
Personally I'd call risk management and see what they say, if they also seem to care less I'd send them to both the patient AND the CEO and tell the CEO what you had already done to bring this to their attention.
But that is just my opinion. For what it's worth I've spent the last 19 years in the medical professional and while HIPPA can be a bit of a pain it was created for very good reasons so breaches should be taken seriously, even if by accident. (IMHO)
D
A clerical error is NOT a HIPAA violation unless there is a PATTERN of errors caused by documented INCORRECT PROCEDURES .
Otherwise the zillion incorrectly addressed faxes from Dr.'s offices and Hospitals and other Health Care providers that wind up at someone elses fax address would ALL be "violations".
The proper thing to do, as I have had to do MANY MANY times, is to notify the sending party of the error and shred the documentation.
Otherwise the zillion incorrectly addressed faxes from Dr.'s offices and Hospitals and other Health Care providers that wind up at someone elses fax address would ALL be "violations".
The proper thing to do, as I have had to do MANY MANY times, is to notify the sending party of the error and shred the documentation.
QUOTE(Why Chat @ Jun 9 2007, 07:36 AM) 
A clerical error is NOT a HIPAA violation unless there is a PATTERN of errors caused by documented INCORRECT PROCEDURES .
Otherwise the zillion incorrectly addressed faxes from Dr.'s offices and Hospitals and other Health Care providers that wind up at someone elses fax address would ALL be "violations".
The proper thing to do, as I have had to do MANY MANY times, is to notify the sending party of the error and shred the documentation.
Otherwise the zillion incorrectly addressed faxes from Dr.'s offices and Hospitals and other Health Care providers that wind up at someone elses fax address would ALL be "violations".
The proper thing to do, as I have had to do MANY MANY times, is to notify the sending party of the error and shred the documentation.
Thanks for the info . I did contact the hospital and let them know what was going on . I think the fact that they did this over 2 different days and sent it to the same wrong person could seen as incorrect procedure.
But I just wanted someone to be aware of it , they didnt seem to be too concened about it.
Personally I think there was more of a possibility of Identity theft to happen by this than anything.
But im shredding the docs as we speak . Thanks for the advice everyone I was not sure what to do .
Mindy
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.