Did EMS Worker Commit HIPAA Violation With Facebook Post?

Did an emergency medical services (EMS) worker in Roane County, Tennessee, commit a HIPAA violation with a Facebook post that described the peculiar location of an emergency response—a chicken coop?

The EMS worker was part of a team that responded to a call about Leon Raymond, who had suffered a heart attack in his chicken coop.

“The first responders arrived and started CPR on him while I held his hand and sat next to him. Of course I was crying,” Leon’s wife Kathy told USA Today Network-Tennessee. She was asked to leave while the EMS team worked on her husband.

Later, the EMS worker posted on her Facebook account, “well, we had a first…We worked a code in a chicken coop! Knee deep in chicken droppings.”

In the comment section to her post, the worker also wrote, “It was awful,” and “I’m pretty sure y’all could smell us in dispatch,” reported WATE.com.

Raymond called the Roane County EMS to complain about the post, but they didn’t return her call. She then spoke with Roane County Executive Ron Woody, who apologized and said that the county’s attorney did not think the post was a HIPAA violation.

Woody told USA Today Network-Tennessee: “We had an employee that should not have been on Facebook discussing anything regarding her work. We have consulted with that employee and we are going to meet with the whole group of them … (and explain) that what’s business is business and what’s personal is personal and we don’t want to intersect the two.”

The county attorney “indicated that it was probably not (a violation) of HIPAA,” but acknowledged the post “should not have been done,” Woody said.

Raymond is considering filing a lawsuit against the county. “This is wrong for her to just get a slap on the wrist. I don’t want her to be able to have a job as an EMS worker if she does not have more compassion than that. Even though she did not mention his name, she said it was the first time they had ever had a call in a chicken coop. Everybody knows where my husband died.”

In discussing the application of HIPAA to EMS workers, Chris Kelly, chief legal officer at EMS Consultants in Atlanta, observed: “HIPAA isn’t always at the top of most ambulance services’ priority lists. It’s complicated, certainly not written with medical professionals who perform their skills in the backs of moving vehicles in mind, and not a key piece of what we need to do to protect our communities in case of emergency.”

Kelly noted that OCR last year began performing unannounced onsite audits for HIPAA compliance, so EMS teams should be more vigilant about HIPAA compliance.

According to a slideshow called “HIPAA Training for EMS Personnel” prepared by the Southern Tier Emergency Medical System, HIPAA regulations affect how EMS workers use and transfer patient information. HIPAA requires EMS agencies to appoint a compliance officer and create standard operating procedures for workers to follow. Of relevance to the Roane County case, HIPAA mandates training of EMS personnel and administrative support staff on the law’s requirements.

EMS personnel must follow HIPAA regulations during patient care situations, when transporting patient information, for administrative functions, and in retaining, managing, and releasing patient information.

In situations where the patient is conscious, EMS personnel must notify the patients of their HIPAA rights in a timely manner and must request patients sign a statement acknowledging that they are aware of these rights.

PHI may only be shared by EMS agencies and personnel for treatment, payment, or operational needs. Because EMS agencies operate in the field, HIPAA uses a “reasonableness” standard regarding PHI disclosure and privacy, the slideshow related.

Whether the Facebook post of the Roane Country EMS worker would be a HIPAA violation is difficult to access, given that the patient’s name was not disclosed. However, Raymond argues that the unique location of the chicken coop means that her husband was obviously the subject of the post.