Case Study: Imagine that you are the privacy officer for a small town hospital. You receive a report that there is a breach of privacy. You are informed that a 15-year-old girl is received at the emergency with an emergency labor. The baby is delivered in the emergency room as there is no time to move the patient to the obstetrics (OB) department. In addition to the emergency delivery, the baby is born with multiple medical problems. Once the mother and baby are moved to obstetrics and neonate, care is given to both.
The OB nurse who took care of the mother and baby completes her shift, and she goes home to her own daughter to have a talk with her. She sits her daughter down and pleads with the girl to tell her if she ever has any problems, especially when it comes to pregnancy. The nurse tells her daughter the story about the young patient who delivered that evening, and she accidentally mentions the patient’s name. The patient’s name is one of those odd names that immediately triggers the nurse’s daughter to relay that she knows the patient. The mother/nurse, realizing that she made a big mistake by mentioning the patient’s name, pleads with her daughter not to say anything. Needless to say, word shoots through the four high schools in the town the next day.
The nurse returns to work the following evening, and she contacts you to hand in her badge and keys, stating that she knows she made a mistake by breaching the young patient’s privacy and she knows she is going to be fired. In addition to the breach of the obstetrics nurse, you learn that the patient hid her pregnancy from her family, and to make matters worse, her aunt and mother are both nurses at the hospital. You know both of these nurses on a professional and personal level.
U.S. Department of Health and Human Services. (2002). Standards for privacy of individually identifiable health information; Final Rule. Federal Register, 67(157), 53182-53273. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/privrulepd.pdf.
Then, perform additional research regarding the HIPAA Privacy Rule and prepare your Final Paper by analyzing the issues through these questions in regards to the above scenario:
- Analyze the specific requirements needed to perform this investigation.
- Identify whether this incident was an actual breach of privacy according to the HIPAA law.
- Examine the differences and similarities between the hospital’s stance and HIPAA as to whether the nurse should be fired from her job.
- Explain why you would fire or not fire the nurse immediately or whether you would put her on administrative leave awaiting the details of the investigation.
Scenario No. 2: DNR
Project Assignment: Review your State Government’s website and search for its official Do Not Resuscitate (DNR) Form. Along with the form will be information and instructions regarding the form. In addition, research three area hospitals to determine if they provide separate DNR forms. Then, perform additional research regarding DNR and prepare your Final Paper by analyzing the issues through these steps:
- Analyze the requirements of your State Government’s DNR.
- Identify the requirements of the three hospital’s DNRs.
- Examine the differences and similarities between the state’s and the three hospital’s DNR requirements, and address the following questions:
- What are they?
- Which one should you follow?
- Explain how a DNR is applied if a patient is under hospice care and EMTs are called.