HIPAA violation ... or not???

A mental health facility with a director of operations in our area has a board of directors with a chairman of that board overseeing the board. The chairman confiscated the directors computer (with patient information on it) suspecting improper use of the computer in redards to e-mail use. Chairman took the computer to the sheriff's department where it sat for a week until a computer technician from the mental health facility could look at the computer and found some improper jokes (the kind most of have recieved from "friends" at some point in our lives). Nothing more serious.

Question: did the chairman violate HIPAA by doing what he did? My understanding of HIPAA is that he did not. What say ye ol wise ones out there?

Comments

  • 3 Comments sorted by Votes Date Added
  • I would have to think that HIPPA had not been violated in this instance. Assuming, of course, that the IT guy is on the company payroll and subject to the same confidentiality requirements of all other employees.

    In order to set up database information with patient information, IT guys must have access to this kind of stuff. If you do not have a confidentiality policy covering this are, you may want to consider drafting one.

  • They have a policy and have had training over there including the IT guy. The chairman of the board hasn't but he (from my understanding) never accessed any records on the computer.
  • BEAVE::I'll take a shot at your concerns; from our established policy and procedures manual I glean that your first concern is SECURITY, WHICH:
    -CONTROLS ACCESS AND PROTECTS INFORMATION FROM ACCIDENTAL OR INTENTIONAL DISCLOSURE TO UNAUTHORIZED PERSONS. Actions do not appear to cross this point!
    -PROTECTS INFORMATION FROM UNAUTHORIZED ALTERATION, DESTRUCTION, OR LOSS. Actions do not appear to cross this point!
    -PROTECTION AIMED AT OPERATING SYSTEMS. Actions taken you your very senior leadership appears to strengthen this point of security.
    -PRIVACY. Actions of the senior leader while it may not have been his specific reason for securing the hardware it appears he enhanced his defense of everyone's PHI by physical security of criminal authority sworn to protect our citizens.

    Now that he found nothing on the operator of the hardware I hope he took him out for some BBQ ribs and a few beers to say I'm sorry for doubting you!

    PORK
Sign In or Register to comment.