Every hospital that's implementing new technology wants to be on the right side of the law, if only to avoid the penalties that come with HIPAA violations.
But going too far in that direction without proper guidance could lead to errors, as a recent story from Atlanta public radio station WABE points out.
The article runs down a series of cases in which HIPAA compliance seemed to have the opposite effect of its intention: rather than protect patient data for the sake of better care, it actively prevented those same patients from being able to access their own records, or else penalized them for transgressions made innocently.
One of the instances cited by this piece occurred earlier this month, and explored in detail in the Springfield News-Leader, refers to a woman from Missouri who was accosted by security for trying to take a photo of her son while in a local hospital.
The intention may have been in keeping with the law, but the result has led to a lot of negative press for that Mercy hospital. The source quoted some of a response statement issued by spokesperson Sonya Kullman.
"The idea is not to prohibit patients from capturing personal memories," she said. "However, we want to ensure that we protect everyone's right to privacy. That includes other patients, visitors, co-workers and providers who may not want to appear in someone else's photograph, video or recording."
Clearly, there's a line between following the rules and getting seemingly too defensive in the face of a patient or civilian. These kinds of reactions can confuse the public and other practices as to what the rules really are, which is why HIPAA compliance consulting should be employed.