Check out some similar questions!

linked · Jul 25, 2010, 08:39 AM

Management is monitoring workflow of off shifts from home computers, which gives them access to patients information such as,insurance,diagnosis,treatment, etc,

JudyKayTee · Jul 25, 2010, 08:40 AM

Are they disclosing the info to anyone who is not authorized?

linked · Jul 25, 2010, 08:46 AM

Anyone in their home could access information.

JudyKayTee · Jul 25, 2010, 09:30 AM

Could or does? I have a home office. I don't disclose anything nor does anyone have any of my passwords.

HIPAA does not address "could have, would have, should have" situations.

ScottGem · Jul 25, 2010, 10:37 AM

Originally Posted by linked

Management is monitoring workflow of off shifts from home computers, which gives them access to patients information such as,insurance,diagnosis,treatment, etc,

So your concern is that someone in the home could access the information. Has the IT department provided any security to control access of the information?

It might be considered a HIPAA violation if no controls are in place, but I seriously doubt that is the case.

What is your position/concern in this?

Fr_Chuck · Jul 25, 2010, 12:35 PM

No, the company site will be password protected, and only the user can have access.

No this is not a violation in any sense of the word.

Doctors normally will have access to their files and records from home.

It is giving that info out, where the issue is, if they access it, and then tells someone.

linked · Jul 25, 2010, 05:39 PM

Originally Posted by ScottGem

So your concern is that someone in the home could access the information. Has the IT department provided any security to control access of the information?

It might be considered a HIPAA violation if no controls are in place, but I seriously doubt that is the case.

What is your position/concern in this?

My concern is this person accessed my husbands medical information a year ago and the HR department was informed and all they did was have her apologize.Perhaps my issue is more of trust! Thanks for your input.

Fr_Chuck · Jul 25, 2010, 05:47 PM

Do they have a reason to access it ? If their job position gives them unlimited access to patients files and permission to review them, there is no issue.

And again, are they giving out or telling any of the info, that is the where the violations come into play.

ScottGem · Jul 25, 2010, 05:52 PM

Ok, so now we get to the heart of the matter.

How did you find out she did this? What did she do with the information? Was she not entitled to look at those records as part of her job?

How do you know that's all they did? I suspect the transgression was entered into her HR and a repeat might get her into more serious trouble. Its also possible she was sent to refresher HIPAA training.

What do you think should have happened?

J_9 · Jul 25, 2010, 08:39 PM

Too add, what position does this person hold?

Many medical coders work from home these days, so they would have access to quite a bit of information.