In today’s volatile healthcare environment, the threat of privacy and security breaches has become a perpetual concern. Consider the July 2017 incident involving a Utah hospital nurse arrested for refusing to allow a police officer to draw blood from an unconscious patient. As a responsible healthcare professional, the nurse was complying with hospital policy and the HIPAA
Privacy Rule governing disclosure of patient information. In doing so, she prevented a breach of privacy while
placing her own safety at risk. The police officer was ultimately fired and his watch commander demoted for poor judgement and failure to respect HIPAA’s patient protection rules. This case has focused national attention on the complexities of HIPAA compliance—adherence to guidelines that ensure proper release of protected health information (PHI) and prevent breach of privacy. It also points to the importance of properly disclosing patient information, centralizing release of information (ROI) activities, implementing proactive processes, and tracking privacy data.