Confidentiality is paramount to safeguarding trust between medical practitioners and their patients. Nurses frequently deal with intricate scenarios that require the protection of health data. Since patient safety is grounded in legal and moral imperatives, nurses must consider ethical dilemmas that may arise in the course of duty2. In this context, the Code of Conduct establishes the moral standards for the nursing profession and functions as a guide for nurses to apply in proper decision-making6. This paper presents an analysis of two scenarios where a colleague breached the Code of Conduct. The cases will be used to systematically analyze the legal and ethical implications of decisions and actions made by a nurse to identify noticeable mistakes and offer possible recommendations to prevent such situations from arising.
Case 1: Description/ Details
The application of Electronic Health Records (EHRs) has increased tremendously in the past few years. The Internet has become the center stage platform for sharing information across various departments in healthcare centers. The case presented in this paper illustrates the misuse of digital communication by some caregivers. Jane and I worked in the same department as nurses at Ultra-Care Suburban Hospital (UCSH). She was a fresh graduate who had just got employment in the emergency department (ED) and yearned for job experience. Working in the Intensive Care Unit (ICU) was her dream since she enrolled for a degree in nursing at Fairmont State University. Nurses and other medics have access to patient information for treatment planning or prescribing medications. With this opportunity, Jane would indiscriminately view patient data using the EHR system to enrich her job experience. I noticed that she developed a habit of accessing the medical data of unassigned individuals. I tried to overlook the issue at first until Jane started exposing inappropriate patient information to other colleagues. For instance, she would claim that cancer patients were taking tramadol and hydromorphone opioids like candy. Initially, I questioned Jane about it and warned her against continuing this habit. It was against the rules on the handling of private information concerning patients. I opted to report her to the supervisor after she refused to heed my warnings.
After questioning by her supervisor, Ms. Jane admitted that she had accessed medical information for unassigned patients and confessed to talking about them on several occasions while outside the hospital environment. Her supervisor questioned and informed her that her actions were tantamount to a breach of the hospital’s Code of Conduct for two main reasons. Firstly, the hospital’s information security rules forbid intrusion into private health data. Secondly, Jane’s actions were purely motivated by personal interests. She did not do it as part of a patient’s treatment or care or for any other genuine job responsibility.
Consequently, Ms. Jane’s supervisor suspended her, issued an employee disciplinary notice, and sent her to repeat a Health Insurance Portability and Accountability Act (HIPAA) training class. A complaint was later filed with the Nursing Board, commencing an inquiry that led to a reasonable cause to place charges against her. It was claimed that she violated the state code concerning patients’ privacy rights. A hearing of Ms. Jane’s case prompted the board to make the following remarks:
- Ms. Jane accessed the patient registry solely to satisfy her learning needs and familiarize herself with cases in her new work environment.
- Ms. Jane exposed the information she accessed to colleagues and third-party persons contrary to the state code for patient privacy.
- Ms. Jane did not require sensitive or confidential information in the patient registry to carry out her duties.
The Nursing Board established that Ms. Jane had perpetrated unethical behavior by violating patients’ privacy or confidentiality rights by accessing secure health information on the registry for non-official reasons. The Board imposed a warning as a disciplinary measure and a citation as punishment. Unsatisfied with the outcome, Ms. Jane filed a request for a rehearing, arguing the Board’s finding was not corroborated by the evidence since she had only intended to use the information for the improvement of knowledge. The Nursing Board denied Ms. Jane’s application, asserting that accessing secure and confidential health information without a genuine reason violated the patients’ privacy rights.
Critical Analysis of Systems/Process that Contributed to the Event
In the nursing profession, different legal procedures and guidelines govern the access and use of medical records. According to Aroca et al.1, the Data Protection Act and HIPAA provide a framework to manage patient information processing, especially their health records. These statutes enshrine the legal ownership and dissemination of confidential information and set standards for its access and use. In this case, Ms. Jane’s actions were in breach of HIPAA security and privacy rules that prohibit unwarranted access in cases where a particular organization does not allow it. Additionally, her actions violated HIPAA as she accessed confidential patient information without exercising the hospital’s code of ethics. Such violations must be reported to a Privacy Officer or the responsible authority.
Based on HIPAA guidelines, written consent is necessary to disclose or use any person’s private health information not used for healthcare operations, payment, treatment, or allowed by the Privacy Rule1. In this case, there was a clear breach of confidentiality, and Ms. Jane’s actions were reported to her supervisor in keeping with HIPAA guidelines.
By following the stipulated guidelines, Ms. Jane could have protected the hospital’s patients’ privacy and confidential information by avoiding unnecessary access to the ICU registry. All hospital staff members play a significant role in safeguarding electronic patient information3. Therefore, it is incumbent for all staff members, especially those with access to private information, to follow the set laws and regulations that manage the access and use of confidential information and ensure that all electronic information is protected from unauthorized access.
Case 2 Description/ Details
Derrick and I work as nurses in Cornwell Hospital’s ICU department. Stacy, an eight-year-old female, was admitted to the facility due to hypoxemic respiratory failure. After emergency treatment, she was taken to the intensive care ward, where she was monitored continuously due to fragile health and severe ailment. We usually work in rotational shifts taking care of the patients in our department, although each person in the ICU unit is assigned their “named” nurse; Derrick was assigned to Stacy. During one of her routine checkups on a Monday, Derrick performed all his assigned duties and then performed other common practice tasks, documenting the treatment as completed.
The following day, Derrick received a call from the Director of Nursing Services in the ICU unit. The Director stated that moments after Derrick left, Stacy tried to get up from her bed to reach a water bottle and fell, hitting her head on the ground. When Stacy was asked why she opted to get out of bed unsupervised despite strict instructions not to do so, she stated that while Derrick was performing his duties, he had moved her call light and forgot to return it within reach. Since there was no one around to offer assistance, she decided to reach for the water bottle since she was feeling thirsty.
Stacy’s condition deteriorated steadily over a ten-hour-ten-hour period after which she died. The coroner’s report indicated that Stacy passed away due to intracranial hemorrhage caused by the fall. Following the incident, Derrick was called in by the facility administrator to investigate Stacy’s demise. When asked if he had ensured that Stacy’s call light was well-positioned before he left, Derrick stated that he was uncertain. He also acknowledged being preoccupied that day due to personal problems and a heavy workload. Regardless of his excuses, Derrick was Stacy’s assigned nurse, and his actions led directly to her death. Therefore, it was established that her death had occurred primarily due to gross negligence on his part.
Critical Analysis of Systems/Process that Contributed to the Event
Nurses are personally responsible for the provision of competent and safe nursing care. It is each nurse’s responsibility to maintain the competence required for everyday practice. Duty of care is an integral part of the Code of Conduct in nursing4. Duty of care integrates an ethical obligation, a professional commitment, and a legal duty to execute roles and responsibilities.
In this case, Derrick’s failure to ensure that all aspects of Stacy’s living environment conformed to those required for a seriously ill patient contributed to her death. According to Brotherton et al.4, medical practitioners should be able to predict likely situations that can arise from oversights or other adverse decisions. Derrick’s failure to check whether Stacy could quickly call for assistance amounted to negligence on his part, which led to the adverse event. This occurrence significantly transformed Derrick’s commitment to work, causing him to handle patients more carefully.
The Code of Conduct in nursing defines an adverse event as an unintended complication or injury resulting in permanent or temporary disability, prolonged hospital stays, or patient death. According to Huang et al.5, it is caused by neglect by health care management instead of the patient’s disease. Under the human error theory, Derrick’s operational failure resulted in Stacy’s death. His duty was to provide proper care for Stacy within his scope of practice. Therefore, he has to take responsibility for the adverse event (Stacy’s demise) that occurred in part due to his negligence. If the same event was to occur in the future, I would ensure that the patient receives appropriate treatment. However, it is important to maintain a nonhazardous hospital environment that does not put the lives of other people at risk.
In this case, it is the nurse’s duty, especially in caring for critically ill patients, to ensure that all facets of the patient’s care have been addressed. Nurses should have a checklist of all the critical actions and considerations that need to be taken into account when caring for critically ill patients to reduce the chance of human error or negligence. Regular training is also essential to allow nurses to update their skills and remind themselves of HIPAA guidelines.
A patient’s medical information is often private unless accessed through the morally and legally accepted approaches and solely for addressing health care issues only pertinent to the patient himself/herself. The nurse’s primary professional duty is to care for people needing nursing assistance. These case studies tried to present to the reader a systematic legal and ethical analysis of the relevance of The Code of Conduct in nursing practice. Similarly, to Ms. Jane and Derrick, all nurses will encounter ethical dilemmas in the course of their work and are expected to maintain best practices at all times. Their actions will contain fewer errors of omission and commission if they apply the Code of Conduct in their regular nursing activities. Consequently, best practices and social trust in the nursing profession will be upheld.
Aroca MC, Girela-López E, Collazo-Chao E. Confidentiality breaches in clinical practice: What happens in hospitals? BMC Medical Ethics. 2016:17(1): 52-60.
Austin S. 7 legal tips for safe nursing practice. Nursing Critical Care. 2010:5: 15-20.
Brotherton S, Kao A, Crigger BJ. Professing the values of medicine: The modernized AMA Code of Medical Ethics. Jama. 2016:316(10): 1041-2.
Huang H, Sun F, Lien Y. Nurse practitioners, medical negligence, and crime: Abase study. Clinical Nursing Studies. 2015:3(4): 21-27.
Kadivar M, Manookian A, Asghari F, Niknafs N, Okazi A, Zarvani A. Ethical and legal aspects of patient’s safety: a clinical case report. Journal of medical ethics and history of medicine. 2017:10: 15.
Saygili E, Ozturkoglu Y. Patients’ rights and professional conduct issues in hospitals’ codes of ethics. International Journal of Human Rights in Healthcare. 2020:13(3): 201-208.