• Beacon@fedia.io
      link
      fedilink
      arrow-up
      92
      arrow-down
      8
      ·
      1 month ago

      Yeah the sticker sentence especially. That’s essentially the same as saying that the kid got the shot. HIPAA doesn’t say “it’s ok to reveal private health information as long as you do it in a wink-wink manner.” Revealing personally identifiable health information is forbidden no matter how you do it.

      • frustrated_phagocytosis@fedia.io
        link
        fedilink
        arrow-up
        53
        arrow-down
        6
        ·
        1 month ago

        Even agreeing that her son was at the doctor was a violation. We can’t confirm or deny that a potential patient even came to the building for health care.

        • ifItWasUpToMe@lemmy.ca
          link
          fedilink
          English
          arrow-up
          8
          ·
          1 month ago

          They could probably get away with simply saying “I would never recommend any advice that goes against verified safe medical practices.”

      • Serinus@lemmy.world
        link
        fedilink
        arrow-up
        21
        ·
        1 month ago

        I think she’s good with “I absolutely did not say that”.

        I suspect this is a double reverse “and everybody clapped” moment.

      • Mouselemming@sh.itjust.works
        link
        fedilink
        arrow-up
        20
        ·
        1 month ago

        See now, I decided I could read that as “your son deserved a bravery sticker for having to bear up with you as a mom.”

        Since the mom made the visit itself public, and lied about the conversation, and the nurse didn’t specify what either person DID say, nor what actually was or wasn’t done, I’m not sure any new information was revealed. Implied, if you want to infer it, but not stated. And for the mom to sue about it, she’d have to publicly admit to her own lies…

          • Mouselemming@sh.itjust.works
            link
            fedilink
            arrow-up
            5
            ·
            edit-2
            1 month ago

            I know lying isn’t against the law. (Although I’m neither a legal nor medical professional.) I meant she would be deterred from suing because the extent of her lies would have to be aired in court, in public, in order to prove the nurse revealed information.

            In the case you linked, the nurse posted information about a rare case (ergo easily identified) whereas in OP’s situation the publicly identifying information had already been revealed by the mother and the nurse didn’t specify any new facts about the case itself. She might still get in trouble but it’s less cut and dried than the case in your link. Imvho.

    • radicalautonomy@lemmy.world
      link
      fedilink
      arrow-up
      15
      ·
      1 month ago

      Psst…the responder isn’t really the nurse from the story. It’s someone pretending to be the nurse and blurring names so that they can rile you up.

  • IsThisAnAI@lemmy.world
    link
    fedilink
    arrow-up
    52
    arrow-down
    10
    ·
    1 month ago

    That last comment is 100% actionable by both her employer and the patient.

    Don’t be dumb with that shit. Judges don’t fucking listen to it was just a joke wink wink unless you have some good fucking lawyers.

    • ObsidianZed@lemmy.world
      link
      fedilink
      arrow-up
      21
      arrow-down
      2
      ·
      1 month ago

      Can you explain how exactly? They only mentioned that they gave them a sticker at the end of the appointment.

      Is it purely the fact that they admitted there was an appointment?

        • Optional@lemmy.world
          link
          fedilink
          arrow-up
          24
          arrow-down
          4
          ·
          1 month ago

          I don’t agree.

          Protected Health Information, PHI, includes anything used in a medical context that can identify patients. Although it doesn’t explicitly address personally identifiable information, the HIPAA Security Rule regulates situations like this under the term Protected Health Information (PHI). Some examples of PHI data can include:

          • Name
          • Address
          • Date of birth
          • Credit card number
          • Driver’s license
          • Medical records

          None of those were revealed. If some intrepid ambulance chaser wants to argue “i gave your son a sticker” is a “medical record”, go for it. Hell in some Bumblefuck red state county you might get in front of a judge with that. But you will not be making any money off of it, and no serious attorney would waste the court’s time.

          • ShunkW@lemmy.world
            link
            fedilink
            arrow-up
            18
            arrow-down
            3
            ·
            edit-2
            1 month ago

            Confirming someone is a patient without consent is a violation.

            Edit: but the mom did open the door I suppose so maybe not.

          • orcrist@lemm.ee
            link
            fedilink
            arrow-up
            12
            arrow-down
            2
            ·
            1 month ago

            Right, the medical records were revealed, and probably the name was revealed. This discussion is taking place in context, so if a reader can scroll up and see the kid’s name in the previous post, now they know something about what happened to that kid medically on that day at that time at that place.

            In these types of situations you have to look at other readily information and use common sense to determine what a reader could find out.

            Because there’s often extraneous information available to outsiders, any medical employee worth their salt would decline to give any information about any patient without running it through the proper channels to make sure everything is anonymized or a waiver is signed.

          • Railing5132@lemmy.world
            link
            fedilink
            arrow-up
            12
            arrow-down
            3
            ·
            1 month ago
            1. the judge wouldn’t be in bumble fuck, TN or anywhere else other than in a civil rights case brought by the department of health and human services in DC. You’d be charged in federal court.
            2. disclosing information that relates to the “a) treatment, b) payment, or c) operations” (not medical procedures, that’s under “treatment” - this is things like quality assurance and training) need to have a client authorization for disclosure.

            Strictly speaking, this nurse confirmed the identity of a specific individual that received a _specific treatment_ at a specific facility (her employer) to a public forum, all without the authorization of the client. Any compliance office would hang the nurse out to dry, even as a proactive measure, to mitigate a potential unauthorized disclosure claim.

            • Optional@lemmy.world
              link
              fedilink
              arrow-up
              2
              arrow-down
              3
              ·
              1 month ago

              I see, i see, a federal case even. Mmm.

              So, counselor, what was the specific treatment then?

              • Bertuccio@lemmy.world
                link
                fedilink
                arrow-up
                7
                arrow-down
                1
                ·
                edit-2
                1 month ago

                Laws are generally not stupid enough to allow magic wording loopholes.

                If it’s obvious that the nurse saying they gave the boy a “brave boy” sticker means the boy got a vaccine, that’s the same thing as saying he got a vaccine.

                Compare to hypothetical statements like

                “I can’t say what procedure she got, but she’s going to need to keep buying tampons for the next 9 months”

                “I can’t say what procedure they got, but they’ll definitely need to sit to pee from now on.”

                “I can’t say what procedure he got, but keep strong magnets away from his chest.”

          • Alexstarfire@lemmy.world
            link
            fedilink
            arrow-up
            6
            ·
            1 month ago

            I think something most people don’t know is that ANY piece of information that can be used to identify a specific patient is a HIPAA violation. What you posted are definitive pieces of information that qualify but it’s not limited to those.

            I think the replier will have a hard time defending themselves if they are indeed a healthcare employee that has knowledge of the patient. Doesn’t specifically say who the patient is but does confirm it’s poster’s kid. If that’s easily identifiable via the same social media platform IDK what they’d hide behind.

      • Optional@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        2
        ·
        1 month ago

        If you want to claim VaxBatCrazy59’s son had an appointment, do it. If you think you can win that case (and btw what case is that?) then bring it. Assuming you’re a DA with nothing better to do.

  • tee900@lemmy.world
    link
    fedilink
    arrow-up
    39
    ·
    1 month ago

    Ragebait folks. Yes it might exist out in the wild but do something better with your time.

  • Facebones@reddthat.com
    link
    fedilink
    arrow-up
    35
    arrow-down
    1
    ·
    edit-2
    1 month ago

    It’s been a while since I saw a good “and everybody applauded” moment. Thank you for that lol

    EDIT: Just clicked and saw the second part, whomp whomp

  • radicalautonomy@lemmy.world
    link
    fedilink
    arrow-up
    22
    arrow-down
    1
    ·
    edit-2
    1 month ago

    No way a nurse is responding to a post like this. This is a troll who came across a public post and is pretending to be the nurse, blacking out names, and posting this elsewhere for the updoots.

    • Optional@lemmy.world
      link
      fedilink
      arrow-up
      6
      arrow-down
      4
      ·
      1 month ago

      No there isn’t.

      Posting patient information on social media is a HIPAA violation if you do not have the patient’s authorization because it discloses individually identifiable health information to the public that could be used to commit fraud or identity theft.

      “Yes, I’m VaxBatCrazy59’s son, and I would like to purchase this motorcycle. My identification? Of course, it’s all right here in a now-deleted facebook post. You can confirm with NightNurse1985. Of course, i’ll wait.”

      This even specifically says there’s nothing in HIPPA that mentions social media. This (law? Policy? What is the . . crime? . . again?) has all the solidity of soup.