A rant about HIPAA and a stupid medical secretary

So I go to the doctor a week or so ago and asked for a physical in my quest to have a more active role in my own health. Plus at 25 I am trying to get in shape and get serious about preventing bad stuff later on down the road. He sent me for a CBC, a cholesterol test and some kinda diabetes test (no reason to believe I had problems in any of these areas, just checking at my request).

So a couple of days later I call his office and talk to one of the secretaries that answered the phone. I tell her I want my test results. “Well because of HIPAA you’ll have to make an appointment and discuss the results with your doctor.”

Me: “What? I have to make another appointment just to find out a few numbers? But I’m not sick. Can’t I just talk to a nurse or something?”

Her: “Yes, you can come in and tell us that you want to talk to a nurse about your results but you may have to wait a while.”

Me: “Fine, no problem.”

So I go to the office, got there about 3:55. The lobby is pretty empty, just a few patients milling around. I tell the nice lady at the desk why I’m there:

Her: “You’ll have to make an appointment to talk to your doctor, we can’t give out that information.”

Me: “But it’s MY information! And I was told if I came here in person a nurse would show me my results.”

Her: “Okay, give me your name and I’ll go talk to Dr. H’s nurse.”

So I give her my name and sit and wait. I’m trying very hard to be patient and nice because I know that this is a big practice, they are swamped and severely understaffed. It’s not the nice lady at the desk’s fault that HIPAA is bullshit.

THIRTY FIVE minutes later, I haven’t heard one peep out of her, and she spots me and asks “Oh, have they registered you yet?”

Um, no.

“Okay hang on.”

By this time I am steamed because it is obvious that, despite sitting in her field of vision, she completely and totally forgot about me, never mind that by the time she remembered me there was ONE other patient in the lobby.

Five minutes later I get the “We can’t give you the information” song and dance again. She takes my name and number and tells me that Dr. H will personally call me tomorrow.

The next day a secretary, not Dr. H, calls me and tells me that I’ll have to see Dr. H to get the results.

Okay, I’m all about privacy and God knows I don’t want just anyone being able to access my medical information. But sheesh! This is ridiculous! They’re MY test results! Who do I have to sleep with to be able to see my own damn results in a timely manner? It will have been 3 weeks by the time I find out! What if this were something REALLY important? I mean, chances are everything is fine, but why should I have to wait 3 weeks to find out results that they got the same day I had my blood drawn?

What REALLY pisses me off is that doctors will be able to use this to force patients to make appointments they don’t need. I’ll spend a grand total of 5 minutes with Dr. H on July 15th and he’ll be able to bill my insurance his office fee. Lovely.

Rar!

I don’t mean to sound alarmist, but the only times I’ve ever heard of someone having to make an appointment for lab results, it wasn’t good news.

Even assuming everything is perfectly normal, in most practices you can’t just call up and have them read off your results. They need to be sure it’s actually you, for one thing, and someone qualfied to tell you what the results mean has to be available to talk to you and explain what they need to do from there.

And yes, some doctors do prefer to go over all test results with patients in person. Others prefer to call you themselves. Others prefer for their nurse or PA to go over results in person. Still others prefer the nurse or PA to call you. It was that way before HIPAA, and it’ll be that way after HIPAA.

Yeah, I’m pretty sure it’s the doctor’s policy here. Where I worked before, the doctors would usually - but not always - give out test results on the phone, but no one else was allowed to, not even a nurse.

I’ve learned altogether too much about HIPAA because of where I work, and this policy at your doctor’s office is NOT required by HIPAA.

Of course, I expect HIPAA will be blamed for everything from now on, regardless…

From the doctor’s office perspective…

Yeah, they need to make sure it’s you getting the test results. When I worked for a radiology practice a few years ago, I got a couple of calls from someone claiming to be the patient, asking for information about some tests we did. The “patient” turned out to be an associate of a local private investigator looking for information. Had I been slower and less perceptive, I would have given confidential information to someone who did not have legal access to it, and who could have used that information to hurt the patient.

Since anyone who wants to can pretend to be anyone on the phone, chances are you won’t get anything over the phone. Be glad for your doctor’s office policy, as much of a pain in the ass as it is.

Robin

Seconding what MsRobyn said about why that policy exists, and seconding Broomstick about how HIPAA will be blamed for this in the future. People react better if you blame some “silly government regulation” than if you say “Because you may be lying,” but a lot of people misrepresent themselves on the phone.

In that case why don’t they just tell me “Your doctor can’t be bothered to make phone calls to his patients, so if you want to know the results you’ll have to pay up.”

He told me when he sent me for the tests that I would only hear from him if something was wrong … if the tests turned out okay I wouldn’t hear anything. So now I don’t know whether I should be worried or not.

It makes perfect sense for them to tell you to come in to discuss them with the nurse, but not to make you make an appointment. Why should you pay for the results of tests you already paid for?

While I second that a lot of people will be “using” HIPAA as a way to divert blame in the future, some places are being really, really, over-the-top, just-in-case strict about the HIPAA regaultions.

I work in a release-of-patient-information related area in a large hospital. I am currently being sworn at and threatened on a daily basis because of these regulations. Do I think some of them are ridiculous? Yes, but any situation carried to an extreme bad conclusion can end up where a little prevention in the beginning could have headed off the disaster.

And our HIPAA compliance officer is sitting firmly on the side of “better safe than sorry” so people are getting pissed off at what we can and cannot release.

Here’s an example of about a hundred calls I take every day. You call a patient’s room and speak with him at 1:30pm. He doesn’t know it at the time but he is to be released at 1:35. You call back at 1:40 and he’s not here. You are connected with me. I tell you he isn’t here. You insist he is here because you just spoke with him. All I can tell you is that he is not here. From that you can infer whatever you want–he was discharged, he escaped, he died, he was transferred to another facility, whatever. I can tell you nothing. I cannot even confirm for you that he was here 10 minutes ago.

This pisses people off no end. Especially when the patient is someone who could have reasonably been expected to die at any minute a couple days ago or who might be transferred to a nursing home.

Better still, you call to speak to your mom who is having surgery today. I look ay my inpatients in beds list and don’t show her. I tell you I don’t have anyone by that name currently admitted. Now, you brought her to the hospital yourself before you went to work, you know she’s here. I’m sorry, I don’t show anyone currently admitted by that name. Damnit, you know she’s here. Where the hell is your mom? I tell you I don’t know, I’m not showing anyone currently admitted by that name. As it turns out, your mom is having an ambulatory (same day) surgery procedure–which is outpatient. And since outpatients aren’t actually “admitted”, there is no admit time and discharge time for them. This means I cannot be sure whether she is still here or not because I have no times to confirm. Therefore, I can release no information about her. Unless she is currently–at this moment–being treated in our facility and I know that as a fact (I can see admission and discharge information), I cannot tell anyone who call anything at all. And if you don’t know it is same day surgery, I cannot suggest that to you. Because if you weren’t really her son and were actually just trying to find out what kind of procedure someone you were stalking was having, telling you what kind of procedure she is having is telling you where she is and that’s a violation of her rights to confidentiality.

Is this absurd? Yes. Does HIPAA allow for some leeway in sitautions? Yes, but since I am at the mercy of the Administration who is in turn at the mercy of the person they have appointed to interpret the HIPAA guidelines, I have to follow our rules.

HIPAA sucks and even more so when the HIPAA compliance officer for a facility is a rule stickler who decides to continuously err on the side of caution.

Just so you know–now it may or may not be the doctor’s standard policy because that’s how they prefer it–their HIPAA compliance people may be anal.

I guess it doesn’t help that I live in West Virginia, where suing doctors is a hobby :slight_smile: They’re probably gunshy.

Every doctor I’ve ever had in NZ and Australia has followed the policy that they ring if they need to talk to you (well usually the receptionist rings and makes an appointment). If you don’t hear, everything is fine. If those are the instructions he gave you, then why not simply follow them?

I still haven’t figured out who HIPAA is supposed to “protect”. Any reputable provider or facility has been taking reasonable precautions to protect sensitive information for DECADES, if not CENTURIES. There are only two good things that I think have come out of HIPAA - the portability of employee-sponsored healthplans and the inability for your pharmacy to sell your information to drug marketing companies. Of course, employers quickly figured out how to get around the portability part. sigh

If anyone has a complaint - whether they feel HIPAA was enforced too leniently or too stringently - can call the OCR.

If those are the instructions he gave you, then why not simply follow them?

Because they’re my test results and I have the right to know what they are regardless if there’s a problem or not?

I’ve had my doctor’s nurse call me with test results several times since HIPAA came out. People are over-interpreting that regulation into the ground. Good news is that there’s a widespread movement afoot to change it somewhat, since it’s really ridiculous in some areas.

That being said, why don’t you calling your doctor’s office and ask them to MAIL you the test results? That’s what our doctor does now, and I like it. I have the numbers in front of me to look at, and it saves her time and aggravation. And that way they know it’s going only to the person who’s supposed to be getting the information.

HIPAA is a good thing. It means that not every Tom, Dick, and Harry can get your medical information and use it for nefarious purposes. I have no problems at all with HIPAA.

But consider this:

You are married to someone currently on duty in Iraq. Or Bosnia. Or North Korea, or Pensacola, or the Pentagon. Your father-in-law is in the hospital and dying. You think your spouse should not only know this, you think your spouse should come home and say good bye. You do what you’ve been told: you call the Red Cross.

In order for the Red Cross to relay a message of such import it must first be verified by a medical doctor or nurse. Across the country, and despite the existence of 45CFR 164.510(b)4, and despite the fact your mother-in-law is telling medical professionals her husband’s prognosis can be released, medical professionals are not releasing that information to the Red Cross, which means the Red Cross can not relay messages to servicepeople, which means the general public is getting cranky because the Red Cross “is not doing what it’s supposed to do”.

It is easier (via funeral homes) to tell a service member someone’s croaked than it is to tell a service member somone’s dying…and it’s all because a bunch of people are afraid of getting sued for relaying information the patient or the patient’s family will be spreading around work/school/church at the earliest possible moment.

This PSA brought to you by Vampires of America. Please give blood today! Or Monday, whichever.

When you go to the lab, all you have to do is tell the receptionist that you want to sign a release for so you can get your results. They will mail them to you.

If you live in a state where the lab is not allowed to do that, you can fill out a release form at your doctor’s office to get your results.

Most people don’t understand their results, and that is why the office may request you make an appointment with your doctor, so they can explain it to you. I don’t know of any doctor’s office that would send you for tests, and not have an appointment set up for you to discuss your results, weather it be by a nurse or a doctor.

HIPPA is there to protect against fraud and to protect your personal information, information that you do not want anyone else to know about.

May be inconvenient at times, but it protects the patient.

Reasons for HIPAA, as told by my wife:

  1. “One place I worked the receptionist would say, very loudly and in the waiting room, things like, ‘You’re getting a proctoscope? Our Dr So-and-so just got one. Maybe she can tell you all about it,’ and, ‘Why, hello Mr Smith! Here to get a refill on your Viagra?’”

  2. "A woman called in wanting to talk about blood types. I eventually got out of her that her son’s girlfriend had just given birth and the woman wanted to know the baby’s blood type, apparantly to prove that it wasn’t really his baby.

"‘I can’t tell that to anybody but the baby’s mother.’

"‘What if I call back and claim I am her?’

“‘That would be fraud and I could have you arrested. I have Caller ID.’ She didn’t call back.”

We here are reasonable, law-abiding people, most of us, and we forget how many stupid, irresponsible, and just plain nasty people are out there. It will take a while for the kinks to get worked out but I believe its benefits will outweigh its liabilities.

Well then make an appointment and you’ll get them. You’ve got a right to know but you don’t have a right to the info over the phone or a right to insist that a doctor ring you with the info using billable hours.

Nobody’s preventing you from getting the info per se – they’re just not gonna deliver it in the method you most prefer.

Umm…

HIPAA?

You’ve got a right to know but you don’t have a right to the info over the phone or a right to insist that a doctor ring you with the info using billable hours.

I didn’t. THEY suggested the doctor call me, I didn’t ask for him to. All I wanted to do was either talk to his nurse on the phone or go in and talk to his nurse in person, which is what I was told by the office that I could do – then was told I couldn’t (see above).

I would have been happy with mail telling me my results but nooooooooo.