HIPAA Violation In Rabbi’s Essay?

Today’s Washington Post has an interesting piece about Rabbi Tamar Miller’s firing from the George Washington University Hospital. Rabbi Miller contends she was fired for posting an essay on the Washington Post’s online “On Faith” blog. Rabbi Miller’s essay described her efforts to comfort the family of Stephen Johns, a security guard who was wounded in the June 10 shooting at the U.S. Holocaust Memorial Museum.

The essay included this passage: Inside the operating room, doctors of every faith and cultural background gathered their medical skills to save their wounded patient whose big heart had stopped beating. Outside the operating room, there was waiting and wailing, praying and punctuated sobbing.

According to that hospital, the reference to the events in the operating room disclosed protected health information, a violation of the privacy rules promulgated under the Health Insurance Portability and Accountability Act (“HIPAA”). This raises a few points. First, note that the “P” in HIPAA doesn’t stand for “Privacy.” That surprises people, since HIPAA seems to be used as a shield to disclosure more than anything else. Second, the passage above is the only discussion of Johns’ “treatment” in the essay. Now, I don’t want to get in the middle of this fight, but given that the HIPAA Privacy Rule allows hospitals to disclose “directory information” it’s kind of a close call here. I am certain that HIPAA has done much good since it’s passage. I am equally certain that it has caused much confusion in its application. This case is a case in point. Thanks to my colleague Andrea Schrag for bringing this case to my attention.