HIPAA violation during day surgery prep

I had day surgery at the end of May and again a week later. This was minor and the surgery went without a hitch. I guess they are hoping that because they used drugs I have no memory of this incident. However, I do recall and the hospital’s outpatient surgery center, whoever is head of it, is getting a call from me this week.

Not to be nitpicky, but HIPAA violations are serious. My guess is that most of these fly over patients’ heads and are rarely reported because patients and their families (and staff!) are not perceptive enough. None of these witnesses or perpetrators of crimes and violations are aware of the potential harm that could be done by violating confidentiality.

Here is what happened. I was being prepped for surgery on my first eye. My friend was going to pick me up afterward and somehow showed up prior to the surgery. He found me in the room and popped in just to wish me well. I was dressed (or at least covered) and okay with that. We were joking around.

I had already informed them who was picking me up. They already knew I live alone and that I am unmarried and no children live with me. I told them that the person who is giving me a ride is “a friend.” No way did I say “husband” or “family member.” No way. He was a brand new boyfriend, new acquaintance. Not someone I knew very well. He was the only person who could really do this, and he had volunteered. He had time on his schedule. So he had shown up and was in the room.

The nurse came in and started asking me health questions, right in his presence. I didn’t expect this. Who did she think my ride was? Husband? Legal guardian? Why didn’t she do this when he was out of the room? She didn’t hesitate to bring up the kidney disease, right in his presence.

No way had I shared my personal health information with this guy. It was none of his business. We had gone out to eat, and all I told him was, “I do not eat salt.” Maybe he thought it was a crazy diet fad. Now what? A woman with a health condition. Oh no!

A few days later he called me up and broke up with me. I’m okay with it and I don’t regret any of it, and likely he did not break up with me due to “health condition” at all, but none of this excuses what the hospital personnel did. It does not justify a HIPAA violation, which is unethical and a violation of any federal policy that protects private protected information.

There are very few instances when a healthcare agency can disclose such information. If my “friend” was the FBI, then yes, they have to disclose. If my health information was subpoenaed, then they have to. They share with the insurance so they can get paid. You share to perform lifesaving treatment such as a blood transfusion, or putting a limb back on after a car accident.

None of the above were the case. The kidney disease had no relevance to the cataract operation. I shut down the conversation very fast. It was too late. My friend had heard, and what had been said could not be taken back.

I have one more “checkup” to make sure my eyes are okay. I hesitate to show up, seeing the appointment as money in their pockets, but I suppose I will. I can always call and tell them, “Work called me in.” Not that I hold the doctor or his office responsible. It was the hospital personnel that did the violation. Still, I only wanted my eyes done. They’re done. I don’t need the expensive superfluous rigmarole, especially since I value my upcoming day off.

Feedback and comments welcome!