Texas Nurse Fired for Sharing PHI on Social Media
A nurse employed at Texas Children’s Hospital has lost her job as a result of sharing protected health information (PHI) on a social media platform – A violation of the Health Insurance Portability and Accountability Act (HIPAA).
The nurse was employed in the pediatric ICU/ER department of the hospital and had posted comments on Facebook concerning a boy who had been admitted to the hospital with a rare case of measles. The nurse was anti-vaccination, and the post related to her anti-vax stance. She explained in the post that she had never before seen a case of measles and was shocked at the severity of the disease. She said it was a “rough experience” and was worse than she had imagined.
As reported by the Houston Chronicle, which was provided with screenshots of the posts, the nurse said, “I think it’s easy for us non-vaxxers to make assumptions, but most of us have never and will never see one of these diseases.” She went on to post, “By no means have I changed my vax stance, and I never will. But this poor kid was bad off and as a parent, I could see vaccinating out of fear.”
The vaccination rate in Houston is high (94.5%) so it is unusual to have a a patient admitted with the disease. There have been fewer than 10 confirmed cases of measles in the past ten years in Houston.
While there was no mention of the boy’s name in the nurse’s Facebook posts, from the information posted and available through the nurse’s Facebook profile, it is possible that the patient could have been identified.
As soon as Texas Children’s Hospital learned about the social media posts, the nurse was suspended pending an internal investigation. Having realized that she may have overshared information, the nurse deleted some of her Facebook posts. However, four days after suspending the nurse the decision was taken to terminate her over the HIPAA violation.
A spokesperson for the hospital confirmed that the termination was over the HIPAA violation and not because of the nurse’s anti-vax views.
Healthcare employees should be made aware that publishing PHI on a social media platform is a violation of HIPAA and that any information about patients should not be posted on social media sites without first having obtained permission in writing from the patient.