UNMC and Nebraska Medicine continue to take seriously the commitment to patient privacy and confidentiality.
This past November, it was discovered that a colleague had accessed patient information outside the scope of their job. The concern was reported anonymously through the compliance hotline. The UNMC/Nebraska Medicine Privacy Office investigated and found this colleague had been inappropriately accessing patient records outside of assigned job duties for an extended period of time. That person’s employment was terminated.
“By law, we have to notify the patients and the Office for Civil Rights,” said Harris Frankel, M.D., Nebraska Medicine Chief Medical Officer and associate professor of neurological sciences at UNMC. “That office determines whether our organization is sanctioned for these violations.”
Patient information, including demographic information, census lists and reports, may only be accessed for current, work-related reasons. The issue of accessing patient information when it’s not part of a person’s job is not a new or isolated problem. For more information, read this protecting patient privacy tip sheet.
Dr. Frankel reminds everyone in the organization that the inappropriate access of patient records/PHI (protected health information) has consequences, including the possibility of termination. This includes accessing the health records of yourself, your spouse, children, or any family member. Adding yourself to a patient’s treatment team in One Chart is also a violation if you are not truly part of the patient’s care team.
“A single breach of trust like this can crush our reputation,” Dr. Frankel said.
Nebraska Medicine uses an auditing system designed to protect patient privacy. The system automatically traces and records potential violations of patient privacy, which are then reviewed by the Privacy Office. The UNMC/Nebraska Medicine Privacy Office also relies on colleagues to report potential violations. If you observe someone accessing patient information unnecessarily, call the compliance hotline at 1-800-822-8310. The compliance hotline is an independent third-party service available 24/7. Calls received are not recorded and individuals calling may remain anonymous.
Anyone with questions about the privacy policy or requesting additional privacy training can contact Debra Bishop, privacy officer, at 402.559.5136 or by email.