Surprising HIPAA Violation

The Health Information Portability Act (HIPAA) has criteria about not violating patient privacy, and potential harsh penalties for doing so. One needs to not only avoid saying a patient’s name to the public (meaning people not involved in the patient’s care), but not even to provide enough identifying information to allow someone to identify a patient. If you say you saw a 45-year-old male architect for diabetes, and there aren’t that many architects in town, you’ve probably supplied enough information for someone to figure out who you’re talking about.

I’m usually pretty conscious of it, and some of my colleagues are used to me ‘coughing’ “HIPAA” when they say a patient’s name aloud. One day, however, while eating lunch with my colleagues, I told the story of an 80+ man who came in complaining of a large bruise on his leg that he sustained after a fall when he tripped while running backwards. One of my colleagues said, “Was that Bob Smith*?”

“How did you know?” I asked.

“We go on the ski bus together and after he gets off he always runs backwards around the bus!”

*Not his real name, and yes, I got his permission to post this story.

Author: Daniel Ginsberg, MD, FACP

I'm an internal medicine physician and have avidly applied computers to medicine since 1986, when I wrote my first medically oriented computer programs. So yes, that means I'm at least 35-years-old!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: