HIPAA - The 'When Convenient Law'

My late husband had more than 30 surgeries including multiple pacemakers installed, an LVAD (left ventricular assist device) implanted, a perforated colon, the colon repaired, and a heart transplant. We clocked a lot of hospital hours.

During this journey, I became increasingly interested in The Health Insurance Portability and Accountability Act (HIPAA). The HIPAA purpose is protecting patient health information, namely: privacy, security, and breach notifications.

By nature, I am a private person. I respect the premise of HIPAA but did not see much in practice during our medical journey. I learned to consider HIPAA the ‘when convenient law.’

I spent hours, maybe hundreds of hours, in surgery waiting rooms. I was always dumbfounded at the amount of information doctors shared with family members following surgery in earshot of all other individuals in a waiting room. There was zero respect for a patient’s privacy. Once following a surgery, the phone rang at the receptionist desk. The receptionist asked if anyone was waiting for John McEachern. I said I was. She said she needed to show me to a room as the surgeon wanted to talk to me. I could literally feel the blood in my body change temperature. Something must have gone terribly wrong. I waited anxiously until Dr. Ann Peick entered the room. She said, ‘That was textbook surgery. It could not have gone better.’ My head was spinning. ‘Why did you have me escorted to this room?’ I asked. ‘I respect my patients too much to discuss their private information in front of others. I find that disrespectful,’ she said. She was one of the finest surgeons I ever met – both in skill and patient advocacy. I asked a physician about the practice of spewing personal information in a waiting room. He said, ‘Doctors need to do that. If they took families in a private room following surgery, they would be answering questions all day long.’ Convenience over respecting privacy?

When preparing for surgeries and procedures, we typically were asked to register the night before. On the day of surgery, we went through the exact same process. This time we would be in a room or facility with many other individuals around. We would be asked for a social security number, date of birth, address, and employer. Once I wrote down all the information from another patient. I went and handed it to the individual working at the hospital. I said, ‘This is what I just learned about that individual.’ This hospital employee looked at me baffled. I said, ‘this practice must violate some HIPAA laws.’ The individual told me, ‘I just work here.’ Exactly, you do work there. Patient privacy must be a keystone of consideration in procedure and practice.

With all the surgeries, I spent a lot of time at pharmacies, too. I find it intriguing that they ask you to ‘stand back three feet to respect the privacy of the individual in front of you. They may have questions personal in nature for the pharmacist.’ I can still hear three feet back.

After my husband passed away, I went to a local hospital to get his medical records. This was a laborious task as they cited HIPAA laws in making copies and distributing records. That is why I consider HIPAA the ‘when convenient law.’ If a task is made easier for a doctor, nurse, pharmacist, or hospital in general, HIPAA seems secondary. If a patient or caregiver needs information from a hospital or doctor barricades are in place as HIPAA prevails.