An RN reader shared that his niece was having mental health issues. She was staying with the nurse and his family while being treated at an outpatient facility. The nurse agreed to this arrangement under the conditions that the niece took her medications as ordered and participated in the program, including sessions with a psychiatrist.
In a "family meeting" with care providers, the nurse and his wife were updated about the niece's diagnoses and treatment recommendations by the psychiatrist, which they relayed to her parents. They also informed extended family about her condition.
The nurse's brother informed him that the state board of nursing (BON) sent a letter to his home stating that an investigation was initiated due to a complaint by the niece. In the complaint, the niece said the nurse had violated her Health Insurance Portability and Accountability Act (HIPAA) privacy rights and also acted unprofessionally.
The nurse said he has never been professionally involved in his niece's care. He believes HIPAA applies to him only when caring for patients in a nurse-patient relationship. He wonders if the board will file a professional disciplinary action against him.
Maintaining patient privacy and confidentiality
One of the ever-present legal and ethical obligations you have as a nurse is to maintain a patient's privacy and confidentiality. This responsibility is grounded in the American Nurses Association's Code of Ethics, specialty nursing associations' codes of ethics, state laws of confidentiality and privacy for patients, and nurse practice acts. It's also established at the federal level by HIPAA itself. For the purposes of this blog, I'll focus on several key points of the HIPAA Privacy Rule.
The rule sets national standards for the protection of personal health information (PHI) in any form or media — whether electronic, paper, or oral — that's held or transmitted by a covered entity. Covered entities include health plans, healthcare clearing houses, and healthcare providers, including nurses.
Healthcare providers who directly treat patients can share information for treatment purposes without a signed patient authorization. Patient information can be shared with family, friends, or anyone else when a patient provides consent. Whenever information is released under the rule, only information that's necessary to meet the purpose or use of the disclosure can be released (minimum information standard).
If there's an emergency situation, PHI can be shared if, in the judgment of the entity or practitioner, it's in the best interest of the patient.
Does HIPAA apply in this case?
It appears that HIPAA would not apply here, although only the Office of Civil Rights (OCR) can determine if a breach of an individual's PHI has occurred after a complaint is filed.
The notice of an alleged HIPAA violation came from the state board of nursing, not the OCR, so it seems that a complaint wasn't filed with the OCR. Also, the nurse doesn't have a business or clinic that transmits standard health information transactions electronically.
Even so, questions do arise. For example, the nurse stated that he and his wife had a "family meeting" with the psychiatrist, who shared diagnoses and treatment information. That information was shared with the niece's parents and extended family.
Does this meeting trigger the establishment of a more formal nurse-patient relationship between the uncle and the niece? Was there a reason the patient's parents were not involved in the meeting? Did the psychiatrist request that this information be shared, or not be shared, with the parents? Did the niece attend the meeting or was she told of the meeting? Did the psychiatrist obtain her consent to speak with the nurse and his wife?
A clearer legal concern for the nurse is the involvement of the BON and the "unprofessional conduct" allegation.
A BON has the authority to discipline a nurse licensee for unprofessional conduct relating to patient care. Examples include leaving a work shift without notifying the required individuals, failure to monitor a patient, and falsifying patient records. Patient injury isn't required.
In the nurse's situation, the board may be concerned that because he is licensed, his duty to maintain the privacy and confidentiality of the niece's care and treatment is known to him and should have been protected, even though there is no formal nurse-patient relationship.
But it may well be that the niece's complaint to the board is unfounded. For example, if the nurse obtained the niece's consent to share the family meeting information with her parents and extended family, there is no breach of her privacy and confidentiality under the state nurse practice act or HIPAA.
Implications for your practice
The nurse wanted to help his brother and niece during a difficult time, which is commendable. However, it is important for you to remember that if you volunteer to help to a family member, friend, or neighbor, you must always adhere to professional conduct.
If you're contemplating helping someone with any kind of nursing care that might fall under the state nurse practice act or rules, think carefully about the parameters you need to establish and have an agreement in place before taking on this role.
For example, it's important to inform them that you must comply with your state's nurse practice act and rules — including protecting confidentiality, mandated reporting of child abuse, communicating with the person's physician or advanced practice nurse, and complying with state and federal laws concerning nursing care.
You also may want to consult with a nurse attorney or attorney to understand the ramifications you may face in such an arrangement.
If all goes well, it's a win-win for all concerned. However, if some kind of "parting of the ways" occurs while helping another person, you may find yourself in the same situation as this nurse. In short, your conduct may be considered unprofessional based on the allegations made by the person you helped, despite the absence of a formal nurse-patient relationship. It's best to dot your i's and cross your t's early on.
Be certain to review your state nurse practice act and rules as they pertain to unprofessional conduct on a regular basis. In addition, review any of your board of nursing's opinions that relate to unprofessional conduct.
Are you concerned about how volunteering your skills outside the workplace can affect your license? Comment below and talk to your fellow nurses about this topic by downloading the Nurse.com social networking app. 
