While commissioners were in executive session, the press asked Interim-CEO Angie Shaw about Health Insurance Portability and Accountability Act (HIPAA) violations pertaining to hospital commissioners accessing private patient information. Specifically, according to a tip, how hospital surveillance cameras are being accessed by commissioners, who are non-employees.
The hospital has indoor and front door viewing surveillance cameras that are used by staff to help monitor access to the hospital during the pandemic. Shaw said the cameras are not directed to see into patient’s rooms but mostly hallways and entrances.
She also said that commissioners do not have direct access to view the cameras, but they can and have asked Information Technology Director Drew Wood to make the live video available to them when they frequent the hospital.
Shaw said she does not believe it is a HIPAA violation when commissioners monitor hospital operations, including patients entering, exiting, and moving about the hospital. “They are just watching a video,” she said. She said patients’ files and personal information are electronic, secured in the computer system, and are not accessible by the commissioners.
According to the HIPAA Journal, “there are hundreds of ways that HIPAA rules can be violated.” Protected Health Information safeguards the privacy rights of patients, or severe penalties can occur. PHI is any identifiable information about an individual patient, including a face photo or video.
While Shaw said that patient information, such as name, social security number, and general medical records are secured from unauthorized access, one element of HIPAA that is not potentially protected from the eyes of commissioners is the camera system.
The next regular meeting is scheduled for Monday, Jan. 18 at 6 p.m. in the AUD.