It’s Your Call – July 2023

HIPAA: What is snooping under the HIPAA Privacy Rule?

Snooping, in the context of HIPAA, refers to unauthorized access or inappropriate disclosure of someone’s personal health information (PHI) by individuals who have access to it in their professional capacity but do not have a legitimate need to know or use that information. Snooping is a violation of the HIPAA Privacy Rule and is considered a serious breach of patient confidentiality.

Examples of snooping might include healthcare employees accessing the medical records of friends, family members, coworkers, or celebrities without a valid reason or outside the scope of their job responsibilities. It can also involve employees accessing PHI out of curiosity or for personal gain. Snooping incidents can lead to disciplinary actions, legal consequences, and damage to the affected individuals’ privacy and trust.

HIPAA regulations require covered entities to have policies and procedures in place to prevent and detect snooping. They must also provide training to their employees on HIPAA rules and the importance of patient privacy. In the event of a snooping incident, covered entities are responsible for investigating and taking appropriate action, such as disciplinary measures, to address the violation and prevent future occurrences.

OSHA: What are OSHA’s rules about fire extinguisher placement?

Employers should select, mount, and place portable fire extinguishers throughout the workplace so that they are readily available and do not subject their workers to potential danger or injury (29 CFR 1910.157(c)). Device selection and position should be based upon the anticipated class of fire and the size and degree of hazard. Portable fire extinguishers can usually be found in or around hallways, laundry rooms, meeting rooms, kitchens, mechanical/electrical rooms, and near exit doors.

Portable fire extinguishers should also be visually inspected monthly and receive annual maintenance to comply with the OSHA regulation 1910.157(e).