Healthcare workers across the country are receiving well deserved praise for their dedication to COVID-19 patients, even as they become patients themselves. According to the Centers for Disease Control and Prevention, these workers account for an estimated 11 percent of all COVID-19 infections in the US. To contain the spread of this virus, hospitals have had to act quickly to protect their own workforce, which requires deploying extensive testing and contact tracing—both of which have challenged health information management (HIM) professionals and other personnel charged with managing occupational health records (OHRs).
Patient or Employee?
The need to test so many healthcare workers for COVID-19 has put HIM and privacy professionals in a delicate position. Because so many healthcare workers have been exposed to the virus and want to be tested quickly, they’ve been going to the clinic or testing centers that can accommodate them the fastest, even if that means going to the same clinic where they work. Unless they carefully explain when they present for care that they are also an employee of that organization, they run the risk of having their test results and treatment information becoming intermingled with that clinic’s other patients’ information. This creates tricky legal situations that HIM professionals have to sort it out.
The reason this is problematic is that employee health records—or OHRs—are regulated and protected by the Occupational Safety and Health Administration (OSHA), which stipulates that OHRs are always segregated from patient records. OHRs, according to an AHIMA Practice Brief, include “information about health status documented on an employee, including personal and occupational health histories as well as the opinions and written evaluations generated in the course of diagnosis, employment-related treatment, and examination by healthcare professionals and technicians.”
Most healthcare providers have separate clinics for their own employees, but the pandemic has blurred the lines in the rush to test workers. That’s one reason many hospitals have set up separate drive-thru testing facilities for their own employees. To further protect employee privacy, many hospitals contract with an outside occupational health provider, according to John Richey, MBA, RHIA, FAHIMA, an academic affairs subject matter expert at AHIMA, who used to manage occupational records at a previous job.
He says that healthcare organizations are responsible for creating and maintaining policies and procedures around OHRs and ensuring that staff are well trained on the nuances of these regulations. He also admits that it’s likely that the COVID-19 pandemic caught some providers by surprise, leaving them underprepared to segregate employee test results appropriately. But it’s never too late to create new policies and revisit existing ones to manage it.
“You might have catching up to do it but it’s never too late. There’s no time like the present to put these structures and procedures together and test them out. Don’t wait for the worst to happen,” Richey advised.
Internal Contact Tracing Poses Challenges
In addition to responding to the surge of COVID-19 patients presenting for care at Boston-area hospitals, Partners Healthcare mobilized a small army to respond to health concerns of its own staff. The healthcare network employs over 80,000 people throughout Massachusetts, and it has attempted to test as many of them for COVID-19 as possible, according to Jackie Raymond, RHIA, director of enterprise HIM at Partners Healthcare. As of early May it was testing just employees with symptoms, which was roughly 12 percent of all employees.
“They had to quickly stand up a centralized call center for occ [occupational] health, so that if any employee had symptoms or questions, they would call the occ health call line and there would be a team of nurses answering all of those calls and instructing the employees based on their symptoms to get tested or to just watch for the right symptoms. That was a very large undertaking,” Raymond said.
Her colleague Shanda Brown, senior enterprise HIM manager, says she’s gotten a crash course on contact tracing in the last couple months.
“We’re very quickly learning about the contact tracing and how occ health works when an employee tests positive if they were working while they had symptoms,” Brown said. “Occ health needs to talk with the employee to say, ‘Who did you come in contact with that may have been exposed?’ Then reach out to those employees and give them the right protocol, or safety protocol for watching for symptoms within 14 days. … But from an HIM perspective we’re just sort of living this because our employees may be symptomatic and we need to understand, were they working while symptomatic?”
While contact tracing—which is the process of identifying and monitoring individuals who might have been exposed to a contagious person—has long been an effective tool for suppressing an outbreak, it also requires discretion.
Richey says that occupational health providers and HIM professionals concerned about protecting employee data can always take steps to eliminate conflicts of interest.
“If you work with health information, you’ll run into information for someone you know, but you’re duty bound not to access information outside the scope of your job…If you have a conflict of interest, like if you know the person you’re supposed to contact trace on and you’re uncomfortable, you can recuse yourself. … My advice to practitioners working with this is to be certain you’re practicing within the scope of your own job responsibilities, and not venture beyond. If you practice within your own scope, you are protected by your facility’s policies and related laws, statutes, and regulations,” Richey said.
Mary Butler ([email protected]) is senior editor at the Journal of AHIMA.
Leave a commentSyndicated from https://journal.ahima.org/protecting-the-privacy-of-healthcare-workers-who-become-covid-19-patients/