CHPC Study Group

Scenario and Happy 4th...NLU!

  • 1.  Scenario and Happy 4th...NLU!

    Posted 19 days ago
    A few folks asked if I wouldn't mind posting a scenario or two over the holiday.  I made a deal...I told them I would...if they agreed to start posting.  So here we go!  No look up and feel free to just post the letter of your answer and we can discuss after the holiday.

    Patient A received a letter from Hospital B that Patient A's PHI was involved in a breach due to a letter properly addressed to Patient A but due to an error by the US mail, ended up in the wrong mailbox.  The unintended recipient did report receipt of the letter and did admit to opening and reading the PHI for Patient A.

    Patient A wants to make sure he/she has a record of this breach and any other information about it on file so Patient A contacts Hospital B and requests an Accounting of Disclosures.  Hospital B's medical record department provides an Accounting of Disclosures report to Patient A and it is blank in that no disclosures are listed.  Patient A contacts Hospital B and is connected to you the privacy official and asks why the breach isn't listed in the Accounting of Disclosures report.  While Patient A is on the phone, you are able to get a copy of the Accounting of Disclosures that was sent to Patient A from the EHR system where you also see a copy of the breach letter.

    The BEST answer for you to give Patient A is: (remember...there might be a "better" answer you come up with...but you only have the four listed below as your options)

    1. Inform Patient A that given the patient's receipt of the breach notification letter from Hospital B about the disclosure, Patient A was provided a notice of the disclosure and therefore, this particular disclosure would not appear on an Accounting of Disclosures.
    2. Inform Patient A that it appears that the disclosure related to the breach was not on the Accounting of Disclosures and that it should be listed. You will look into why it was not listed and then have a corrected copy sent to Patient A.
    3. Inform Patient A that since the letter containing the PHI was addressed correctly, this was a permissible disclosure done for treatment related purposes and therefore would not appear on an Accounting of Disclosures.  The breach occurred when the unintended recipient read the letter and that is why Patient A received the breach letter because the recipient read a properly addressed letter not intended for the recipient.
    4. Inform Patient A that now looking into this matter more closely, you realize that the breach notification letter was sent in error because given that the letter was addressed correctly, there can be no breach. You also share that because the letter was sent for treatment purposes, this would not appear on an Accounting of Disclosures.


    ------------------------------
    ► Week 4 of the 66ers...Don't Fall Behind! ◄
    --------Frank Ruelas---------
    ------------------------------
    Certification Disclaimer


  • 2.  RE: Scenario and Happy 4th...NLU!

    Posted 18 days ago
    Complete guess:   B



    Happy 4th Frank! Thanks for the scenario question.

    ------------------------------
    Misty Booker
    Compliance Manager
    Baptist Eye Surgeons
    Knoxville,TN
    ------------------------------

    Certification Disclaimer


  • 3.  RE: Scenario and Happy 4th...NLU!

    Posted 18 days ago
    A?

    ------------------------------
    Victoria Hewitt
    Privacy Specialist
    Robins' Nest Inc.
    Glassboro,NJ
    ------------------------------

    Certification Disclaimer


  • 4.  RE: Scenario and Happy 4th...NLU!

    Posted 18 days ago
    c

    ------------------------------
    Jeanne Downing
    Privacy Officer
    Knox County Government
    Knoxville,TN
    ------------------------------

    Certification Disclaimer


  • 5.  RE: Scenario and Happy 4th...NLU!

    Posted 18 days ago
    Torn between A and C.  Going with A.​

    ------------------------------
    Lloyd Hemmert
    Compliance & Ethics Officer
    Hill Country MHDD Centers
    Kerrville,TX
    [lhemmert@hillcountry.org]
    ------------------------------

    Certification Disclaimer


  • 6.  RE: Scenario and Happy 4th...NLU!

    Posted 18 days ago
    C. Pure guess. Great scenario Frank!

    ------------------------------
    Rachel Buchanan, CHC, CHPC
    Compliance & Regulatory Mgr
    Eugene,OR
    ------------------------------

    Certification Disclaimer


  • 7.  RE: Scenario and Happy 4th...NLU!

    Posted 17 days ago
    I choose A.​

    ------------------------------
    Melanie Schoonover
    Quality Improvement Supervisor
    ------------------------------

    Certification Disclaimer


  • 8.  RE: Scenario and Happy 4th...NLU!

    Posted 17 days ago
    I'll go with C, but it's a guess.

    ------------------------------
    Karl Nieschburg, CHC
    Compliance Officer
    ------------------------------

    Certification Disclaimer


  • 9.  RE: Scenario and Happy 4th...NLU!

    Posted 17 days ago
    Going with B.  Used to think A but I sort of remember a past discussion on this.

    I could be totally off on the wrong track, but C and D I am discarding because even though the hospital did everything right, its information was looked at by wrong person and it was in a sense "not secure" (unlike electronic information that is encrypt-able, paper is paper).

    Interested in the answer!

    ------------------------------
    Marie Wagner
    Operations Manager, Corporate Compliance
    The Queen's Health Systems
    Honolulu,HI
    ------------------------------

    Certification Disclaimer


  • 10.  RE: Scenario and Happy 4th...NLU!

    Posted 15 days ago
    C

    Sana

    ------------------------------
    Sana Syed
    Compliance Specialist
    MEDNAX Services Inc
    Sunrise,FL
    ------------------------------

    Certification Disclaimer


  • 11.  RE: Scenario and Happy 4th...NLU!

    Posted 15 days ago
    B

    ------------------------------
    Patrick Forand
    Director of Risk Management
    CAN Community Health
    Sarasota,FL
    ------------------------------

    Certification Disclaimer


  • 12.  RE: Scenario and Happy 4th...NLU!

    Posted 14 days ago
    Based solely on the scenario, I'll say B.

    ------------------------------
    David Garrison
    Compliance/Privacy Officer
    SEARHC
    Juneau,AK
    ------------------------------

    Certification Disclaimer