Jussie Smollett Case: 50 Hospital Workers Fired For Alleged HIPAA Violations

By Portia Wofford

At least 50 employees, including nurses, at Northwestern Memorial Hospital in Chicago, have been fired after allegedly improperly reviewing an actor’s medical records, according to NBC Chicago. 

The employees were immediately fired for inappropriately viewing or accessing the records of actor Jussie Smollett. Smollett was treated at the hospital in late January. A surgical nurse, identified as Susan, stated to NBC Chicago that she was simply curious and only searched the actor's name in the system. Another unidentified employee states she did a partial search of Smollett’s name for another employee, according to CBS Chicago.  Both were fired for violating HIPAA. 

In today's world, where everyone and everything is accessible with just a click or on social media, it is crucial for nurses to understand all aspects of HIPAA. The Health Insurance Portability and Accountability Act (HIPAA), defines how nurses should collect, use, and handle protected health information (PHI). 

Read Next: 50+ Hospital Workers Fired For Refusing Flu Vaccine. 

How to avoid violating HIPAA  

The consequences of violating HIPAA include being reported to the board of nursing. There are a number of simple ways nurses can avoid violating HIPPA and their patients' trust.

Discretion. Most nurses’ stations are a landmine of paper! Nurses could be violating privacy by having patient information in plain view to anyone who comes in proximity to the nurse’s station or other areas, such as med carts, where patient info may be displayed. 

This is a small but careless and easily avoidable mistake, be sure to  

• Keep patient charts, medication administration records, treatment administration records, and folders closed, by using privacy filters. 
• Keep computer screens and other device screens are hidden or closed from patients, your colleagues, and visitors. 
• Documents, lab results, and communication or report sheets should not be left lying at the nurse’s station. Instead, store them in a secure drawer or file cabinet. 
• When you no longer need a document, properly dispose of it by shredding or placing in a locked bin to be destroyed later.

Social Media. Social media usage has increased the likelihood for nurses to violate HIPAA. It is crucial that nurses use social media wisely. With the rise of nurses who have become social media influencers, many nurses are sharing their daily lives via pictures, stories, and status updates on Facebook, Instagram, Twitter, etc. 

• To be safe, all nurses should become familiar with their employer's and their state board of nursing's social media policy. 
• A good “rule of thumb” is to never to post any pictures, stories, or status updates about what goes on in the workplace, especially if it involves patients.  Even if no name or image is shown, any other identifying adjectives or remarks could make it easy for someone to identify your place of employment or patient. 
• Overall, use extreme caution and sound professional judgment when utilizing social media for work-related content.

According to Hipaajournal.com, “posting any protected health information on social media websites, even in closed Facebook groups, is a serious HIPAA violation.” 

Awareness. Nurses must discuss patient care with numerous people, to provide quality and continuity of care. Be mindful of openly discussing patients in common areas. 

Being aware of one's surroundings is important in protecting patients' privacy. 

• Ensure that when speaking about patients that you are in an area that is discreet and not easily accessible to prying ears or eyes.
• All nurses should practice on a "need to know" basis. Before disclosing or accessing healthcare or private information, ask yourself, "Do I or does this person need to know this information, for me to do my job?" This includes accessing patients' charts whom you are not treating. No matter how familiar, popular,  famous, or well known a patient is, if you are not directly caring for that patient, it is a violation of HIPAA for you to access his or her medical records. In some organizations, nurses have been penalized for accessing their OWN medical records.

What happens if a nurse violates HIPAA?

HIPAA Journal states that if a nurse violates HIPAA, it is important that the incident is reported to the person responsible for HIPAA compliance in your facility or your supervisor. Failure to report a violation could have serious consequences. 

• Serious violations, even if the intent is not malicious, are likely to result in disciplinary action. This could include termination and punishment by the board of nursing.
• Termination for a HIPAA violation can make it difficult for a nurse to find another job. Organizations covered by HIPAA aren’t likely to hire a nurse who has been previously fired for breaching HIPAA.
• Willful violations can result in criminal penalties. These types of violations can be reported to law enforcement as well as the Office for Civil Rights. The Office of Civil rights can refer to the Department of Justice and they can pursue criminal penalties. These penalties can include fines and imprisonment. Theft of PHI for financial gain can result in up to 10 years in jail.

Remaining HIPAA compliant involves educating yourself on the regulations and consequences and a little bit of common sense and courtesy. Even if a celebrity crosses paths with you, in your role as a nurse, remember HIPAA is very real and violating it can cost you your license! You worked hard for your license, don't lose it over a simple, careless mistake.

Next Up: Utah Nurse Awarded $500K Settlement Following Controversial Arrest