Patient-privacy complaints seldom lead to prosecution: Some question effectiveness of federal rule
(Columbus Dispatch (Ohio) (KRT) Via Thomson Dialog NewsEdge) Jun. 11--The big board in the intensive-care unit at Mount Carmel West hospital, where Daniel Lynch spent four months last year, listed his name, room number, doctor and when he last had a bath.
Wives of other patients approached his wife, Eileen, and told her that their husbands shared the same doctor and the same pulmonary illness.
"I was like, 'Who are you? Go away,' " Mrs. Lynch said. "My husband was dying."
She complained to nurses and supervisors, saying that the board violated the privacy portion of the federal Health Insurance Portability and Accountability Act, HIPAA for short.
"I refer to it as the HIPAA violation board," Lynch said.
In the three years since the federal privacy rule was enacted, 20,124 complaints have been filed with the U.S. Department of Health and Human Services' Office of Civil Rights.
But not one fine has been levied against hospitals, clinics, pharmacies, doctors or other health-care providers. And just two cases have been prosecuted.
About 75 percent of the complaints have been closed, the government says. The problems were resolved, or the law didn't apply.
Still, the rule works, said Mary Yost, spokeswoman for the Ohio Hospital Association.
"I don't think anybody is winking at the law," she said. "I don't think anybody is saying, 'They're not really serious and we're going to push the envelope and see what we can get away with.' "
Yost said the rule has created a national standard for privacy.
Nancy Gillette, senior counsel for the Ohio State Medical Association, said the rule was created to educate health-care workers, not punish them.
She suspects, though, that many complaints are unwarranted.
"A consumer may have an appearance of a violation that's not a violation," she said. "The mere fact that you have (20,000) complaints doesn't mean you have any wrongdoing."
But just because complaints don't fit the law doesn't mean patient privacy wasn't compromised, said Cathy Levine, executive director of Universal Health Care Action Network of Ohio.
"If a review of complaints shows that people have valid privacy issues that are not HIPAA violations, then HIPAA needs to be fixed," she said. "I don't have enough information to know if there are too many loopholes."
Days after Mrs. Lynch wrote a complaint letter to Mount Carmel, her husband was moved to the palliative unit, where he died a few weeks later. She didn't pursue her complaint or send it off to federal officials.
Mrs. Lynch said the next time she needs a hospital, those patient boards will help her decide which one she chooses.
Patricia Roam, vice president of legal and regulatory for Mount Carmel, says it's a balancing act.
Doctors and nurses "all need the information to do their work," she said. "At the same time, our job is to protect the privacy of patients."
[ Back To TMCnet.com's Homepage ]