AST Guideline - Use of Mobile Information Technology in the Operating Room

7 mobile device cameras as well as recommendations for photo-taking policies that protect the privacy of PHI, patients, and staff. The following are general recommendations. 1) The Health Insurance Portability and Accountability Act (HIPAA) Standards for Privacy of Individually Identifiable Health Information , commonly referred to as the Privacy Rule, protects all individually identifiable health information held or transmitted in any form or media. Individually identifiable health information is defined as past, present, or future physical or mental health information that may allow another person to identify an individual including name, address, Social Security number and demographic information. 8,45 2) OR personnel should not post PHI, videos or photographs of surgical patients on blogs, discussion boards, or social media sites. Additionally, the information should not be shared through email or texting. 3) Violations of patient confidentiality can result in severe consequences including loss of job, removal of certification or licensure, and legal actions. 39,45,46 In 2010 the National Council of State Boards of Nursing completed a survey of state’s Board of Nursing (BON). 33 of the 46 BONs that responded reported receiving complaints of RNs who violated patient privacy by posting patient information and photos on social media sites. 26 of the 33 BONs reported undertaking disciplinary action as a consequence of the complaints. 47 4) HDOs should develop and periodically review policies that address photography, filming, video capturing and other types of imaging. a) The policies should address use by medical staff, employees, patients, visitors and volunteers. The HDO should anticipate all instances of how cameras could be used, e.g., patient or visitor taking personal photographs; medical staff, employee, or student taking photos of patient care and/or treatment; telemedicine; marketing photos of HDO. 8 b) The policies should address the various types of devices that have photographic capturing capabilities, eg, wireless handheld devices; webcams on laptop computers. 8 c) The policies should prohibit employees, medical staff and volunteer from using their own mobile device or a facility- supplied device to take photographs or videos of patients and visitors that are not related to the patient’s care, eg personal reasons. 8 d) The policies should establish the specific circumstances in which a surgeon should obtain the patient’s written consent to take photographs or other images related to treatment and how the media will be used. HIPAA authorization is not required for taking treatment-related images, but obtaining