With all the talk about HIPAA and its hassles and headaches, I had to share this little incident:
A few days ago I received a call from an irate mother. She wanted to know why we were blabbing her daughter's medical information all over town.
"Well, I got a call from my baby's daddy's wife, and she heard from y'all that my baby had been to the doctor nine times, and she wanted to know what was wrong that a 3-month old had been to the doctor nine times."
Ma'am, first of all, why do you care what your baby's daddy's wife is telling you? Second, what is your current relationship with the baby's daddy?
"He's not involved, he's never been involved from day one and he's got no intention of being involved."
Okay, ma'am, but do you have a court order granting you sole custody, or another legal document excluding him from care?
"No, I haven't gone through that yet, but I don't want you sharing information with no one else."
I understand, ma'am, but he is still the father and he still has the right to information. We don't have to share information with his wife if you choose, but do have to release information to him, unless you have a legal document saying otherwise.
"You're saying that anyone can call up and say they're my baby's daddy, and you'll give them the information?"
Yes, if someone claims to be the baby's father we will take him at his word; we have no way to prove they aren't, and no reason to either.
"Well that's not right."
And, then, a few days later:
"I want a copy of your HIPAA policy."
Now, for all that HIPAA does and does not cover, it doesn't give you the right to keep the baby's daddy out of your baby's medical record, as long as he still retains legal status. Get down to the courthouse, sort it all out between the two of you, then come back with an official piece of paper, and my wish is your command. Nevertheless, I can just imagine a call from the feds:
"Is it true you gave out Protected Health Information against the mother's wishes?"
"Isn't it true that you don't verify the identity of parties requesting Protected Health Information?"
"Did you make a notation in the chart as to who has received information?"
For the record, my staff (both of them) denies ever giving any information to anyone about this baby. This is a small town. It's just as likely that someone was in the waiting room one day, overheard a couple things about "past appointment" and "next appointment", and then told baby daddy's wife. But it's all irrelevant, because this has nothing to do with HIPAA. This has to do with dysfunctional family arrangements. And yet, I can see HIPAA becoming the blunt club, the shotgun, the tool used to cause retribution.
Three more things:
(1) I'm not sure HIPAA ever solved any problem. Was there a serious epidemic of doctors releasing information to unauthorized parties? I am much more aware of privacy issues now, which is a good thing, but could someone show me that there ever was a problem before? If we want to discuss privacy, let's talk about corporations and federal agencies losing laptops with thousands of social security numbers...
(2) I realize the terrible meta-irony in discussing HIPAA issues by using the example of a patient who is already concerned about HIPAA. What if she comes across this blog and feels that her privacy has been violated yet again? Nevertheless, I haven't touched on medical issues (so it's doubtful that HIPAA truly applies here), and she would have a hard time proving that this little incident described here has now compromised her privacy and identified her to the world--unless she herself has been spreading the story...
(3) So, when will I be getting a call to appear on the Jerry Springer Show?