Sunday, October 31, 2010
Firehouse photos
Tuesday, October 26, 2010
Fire and EMS related incidents are very common subjects for the media. On largre incidents, news crews will show up with their vans and equipment with hopes of making the next big story for their newspaper or news station. Not only are the news crews taking pictures of incidents like the ones shown here, but crew members and civilians are also taking digital pictures on their phones or "point and shoot" cameras on a regular basis. For most people, incidents like large accidents and fires are not common so people are quick to take a quick snap shot however possible.A picture can really tell a thousand words when it comes to Fire/EMS incidents. Some pictures, however, are better than others. Posted below are pictures of tow incidents which both occurred here in Prince Georges County, MD. The first is a shot of a structural fire in a restaurant. Pictures should be able to tell whoever is looking at them a story. I can see a great deal of information in this picture at a quick glance. I can see a ladder on the right, fire coming out of the roof, hose lines on the ground, and a 2 "deck guns" set up aimed at the fire. I would consider this picture a good one because you can see a lot about whats happening on the fire ground. Although many pictures can tell a thousand words, other "bad" pictures don't tell the intended viewer much about what was being photographed. The picture at the bottom here is poor in that I have no clue what was going on inside of the building. Although some incidents may be more difficult to photograph, I think the photographer of the last picture could have zoomed in to the people walking out of the building in order to get a better view of what's going on. People will always take pictures(and videos) of fire incidents and the "good" ones really can tell a thousand words.
Wednesday, October 13, 2010
Dom and Andrew's Experience with HIPAA
In general, the privacy rule is that medical information about a consumer can only be transmitted by various covered entities in order to treat the consumer, collect payment from the consumer, and complete health care operations, such as audits or quality assessments. All the information is “need to know”, so even if you are performing one of the above operations you only get as much information as you need to do your job. For instance, a registration nurse will receive detailed personal information to collect payment, but very vague medical information, as she does not need those details to put a patient into the hospitals system, whereas the patients medical nurse will receive very detailed medical information, but is more limited on things like the patients address or credit card number.
The Privacy Rule, applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA. It covers all information pertinent to the patients past, present or future physical or mental health or condition, the provision of health care to the individual, and the past, present, or future payment for the provision of health care to the individual.
One of the major purposes of the Privacy Rule is to define and limit the circumstances in which protected heath information may be used or disclosed by covered entities. The only way private health information may be shared by a covered entity is if the Privacy Rule permits so, or the subject of the information gives consent via writing. The penalties for violating the Privacy rule are very severe for health care providers like ourselves, in fact HSS may give civilian money penalties to covered entities for non-compliance of the Privacy Rule requirement. Fees of $100 may be imposed with a maximum limit of $25,000 per year for multiple violations. Covered entities may get out of fees only if a violation is due to reasonable cause and did not involve willful neglect, and the covered entity corrected the violation within 30 days of when it knew or should have known of the violation.
Slowly the medical industry is adapting newer technologies. The late coming of the medical industries reporting system into the technological age is perhaps because of the strict privacy restrictions that apply to all the associated information. It’s difficult to protect things once they are online, even if they only exist with an intranet of medical service providers. In PG and Montgomery counties, as well as around the country, there has recently been a major jump forward, switching from paper reporting to electronic reporting. This has made the process much more streamlined, but questions may arise as to how secure this is. There are several major things that didn’t exist during the paper reporting system that have been implemented to improve security and confidentiality. Firstly, one must sign in to the system with their own name and password to see their own “calls” another EMS provider cannot access these records, not even if they were on the call. Only the EMS provider in charge can access the records. It also adds a patient signature pad, which the patients signs after reading about HIPAA’s regulations, and learning about how the information I have collected will be used, and how it should not be used. It also eliminates the “EMS reviewer” which was part of paper reporting, essentially a third party EMS member who generally was not on the call would review the full report to ensure accuracy before sending the report to the county to be placed into the system.
There are some worrysome things about the new reporting system though, firstly not every provider remembers to sign out of the system before they leave, granting access to the next EMS provider who uses the computer. This is generally not an issue, as most other providers just sign out, but it is still technically a HIPAA violation.
The Privacy Rule, applies to health plans, health care clearinghouses, and to any health care provider who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA. It covers all information pertinent to the patients past, present or future physical or mental health or condition, the provision of health care to the individual, and the past, present, or future payment for the provision of health care to the individual.
One of the major purposes of the Privacy Rule is to define and limit the circumstances in which protected heath information may be used or disclosed by covered entities. The only way private health information may be shared by a covered entity is if the Privacy Rule permits so, or the subject of the information gives consent via writing. The penalties for violating the Privacy rule are very severe for health care providers like ourselves, in fact HSS may give civilian money penalties to covered entities for non-compliance of the Privacy Rule requirement. Fees of $100 may be imposed with a maximum limit of $25,000 per year for multiple violations. Covered entities may get out of fees only if a violation is due to reasonable cause and did not involve willful neglect, and the covered entity corrected the violation within 30 days of when it knew or should have known of the violation.
Slowly the medical industry is adapting newer technologies. The late coming of the medical industries reporting system into the technological age is perhaps because of the strict privacy restrictions that apply to all the associated information. It’s difficult to protect things once they are online, even if they only exist with an intranet of medical service providers. In PG and Montgomery counties, as well as around the country, there has recently been a major jump forward, switching from paper reporting to electronic reporting. This has made the process much more streamlined, but questions may arise as to how secure this is. There are several major things that didn’t exist during the paper reporting system that have been implemented to improve security and confidentiality. Firstly, one must sign in to the system with their own name and password to see their own “calls” another EMS provider cannot access these records, not even if they were on the call. Only the EMS provider in charge can access the records. It also adds a patient signature pad, which the patients signs after reading about HIPAA’s regulations, and learning about how the information I have collected will be used, and how it should not be used. It also eliminates the “EMS reviewer” which was part of paper reporting, essentially a third party EMS member who generally was not on the call would review the full report to ensure accuracy before sending the report to the county to be placed into the system.
There are some worrysome things about the new reporting system though, firstly not every provider remembers to sign out of the system before they leave, granting access to the next EMS provider who uses the computer. This is generally not an issue, as most other providers just sign out, but it is still technically a HIPAA violation.
Dom’s Experiences:
As a provider in Montgomery County I deal with HIPAA regularly. As mentioned before, the major take home point as a provider is to limit how many people get information about your patient, which can be surprisingly more difficult than one would expect. I can’t count how many times a nervous family member has jumped into the back of my ambulance asking a lot of questions that I simply wasn’t allowed to answer. Speaking of family members, there is also the difficultly of which family members should be brought along inside the ambulance, and who may sit in the back with the patient, and who to seclude to the front. Over the course of a typical transport by myself, and by many providers, I try to dig up as much medical history as I can with the person in a very short period of time through a series of questions, many of which are the very information HIPAA is designed to protect, which means that having a family member in the back of the ambulance requires the consent of the patient.
Now, we’ve mentioned that for consumers the major take home point is that all their information is to be protected, but as providers our major take home point is that HIPAA is by no means meant to hinder our job. There isn’t some sea of paperwork to move this information from say, a nursing home, to myself, to an emergency department staff, nor is HIPAA meant to keep me from telling a necessary number of future providers about what is going to occur. On a major trauma call I may end up giving a report to a paramedic, a nurse, and an entire team of trauma surgeons without violating HIPAA. HIPAA is a medical “need to know” and if 20 people truly do need to know then all providers involved are covered. While at Holy Cross Hospital a few nights ago I saw a good example of how nurses cover themselves from violating HIPAA. I had just brought in a patient, who’s daughter later called the hospital. The nurse called over to my patient saying “ma’am, your daughter is on the phone, she would like to know if I can give her information about your condition, is that alright?”. This statement, while seemingly simple, really shows how aware the nurse was that others were listening, and what information they should not know about my patient. Firstly, she referred to her only as “ma’am”, as to not give a name, second, she referred to my patient’s “condition” without stating aloud what was wrong, and third, she asked permission even before informing the patients daughter. HIPAA is something always on the mind of providers, and while not stopping us from doing our jobs, it remains an important part of the community.
Andrew’s Experiences:
I am also an EMT provider and experience many of the same things Dom touched on. When a patient is transported by an ambulance from the College Park Fire Department, they are required to sign a computer which serves multiple purposes. The laptop computer is used by providers to record patient information, keep track of the location of calls, and also used as a mean for patients to sign electronic “paperwork”. One of the things that the patients sign is a detailed explanation of HIPAA as it relates to an ambulance transport. The form basically describes the Privacy Rule and how their information is protected. Another precaution the providers take is verbally explaining HIPAA to the patients before they even sign the laptops. We tell them to fully understand what they are signing and basically that any personal health information shared is confidential and will only shared by covered entities which include the EMT’s, the hospital staff, and the patient’s health insurance companies.
On Monday, 10/11/10, a major incident happened at Downtown College Park which involved 4 people (3 of which were students) getting in a fight ending in stab wounds to all four victims. This incident has been all over the news and newspapers. I ended up driving one of the patients to the hospital and proving care for two of them on scene. Local news stations all swarmed to College Park in order to report and gather as much information as possible. Many of these stations called our firehouse looking for information about the patients and their condition. As a covered entity by HIPAA and the Privacy Rule, we were unable to share any information about the patients and what we did. Also, close friends of mine have been asking about what happened to the patients, but I am only able to give a brief summary of the incident without giving too many details about the patients and their condition. I am personally glad that there are rules and regulations about personal health information because if something as terrible as the recent stabbings happened to me, I’d want my information to be as confidential as possible.
Sunday, October 3, 2010
Personal Health Information
Privacy is a big topic when it comes to Emergency Medical Services. Patients share all sorts of personal information with health care providers and there are laws and regulations in effect in order to protect this private information. The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996 in order to better protect peoples private health information.
This act is broken down into two main Titles which outline the act and what it covers. The second Title is most relevant to what I do as an EMT and covers the prevention of health care fraud and abuse. In the second title there is a section about health care providers and patient information. This section includes a Privacy Rule which regulates the use and disclosure of certain information held by “covered entities” such as EMT’s, health insurance companies, and hospital staff.
What this basically means for me is that I am required by law to keep Personal Health Information disclosed by patients confidential. Whenever the ambulance transports patients, we are required to have them sign a paper that says that they understand HIPAA and that any information they share with the EMS personnel is kept confidential. The EMTs also verbally tell the patients that any information that they share with us is kept confidential and can only be shared by us, their health insurance companies, and the medical staff at the hospital. Emergency health providers also perform other precautions in order to keep information confidential and safe from the media, criminals, and the general public. One of these precautions is that when the ambulance has paperwork signed by a patient, we place the papers in a locked box within the firehouse so that it is impossible for anybody but the station officer to gain access to the Personal Health Information. Health care providers take this matter very seriously and we understand how important keeping information like health history confidential is.
Personal and private information is much less, well, private that it used to be. Advancements in the internet and information sharing have made what used to be private information now available for the public. I have conducted a small experiment where I picked a random person that I knew and tried to find out as much information about this person as possible only using the internet. My results were quite scary and really showed how much personal information is made public on the internet. I was able to find information about where his house is located, what his parents names and phone numbers are, and where he went to high school. On this flip side, however, I was unable to find any health related information about this person. I am glad that this information is so well protected and hard to gain access to. I personally feel very exposed knowing how much of my information is available to the public, though I am glad that nobody can Google my name and learn that I had a serious health disorder as a child or something like that. For more information about HIPAA and Personal Health Information, follow the link below.
Source:
Subscribe to:
Comments (Atom)