Celebrating Nurses – Cornerstones of the “Human Firewall”

In their roles as both care giver and care coordinator, nurses generate, transmit, transcribe, and interact with enormous amounts of information using a dizzying array of devices. Not surprisingly, nurses play a critical role in keeping patients’ protected health information (PHI) safe.

Nurses, you are amazing!! 

In the course of a single hospital shift, a hospital nurse may interact with a single patient’s record 10-20 times – or more – depending on the intensity of the care and length of the shift, while caring for 2-10 patients! (A physician office nurse may interact with 20-50 patient records per day!)  In addition, nurses coordinate patient care activities across departments and facilities, including pharmacy, food service, PT, OT, radiology, lab, respiratory therapy, the OR, and more. Nurses also serve as the primary point of contact for an ever-shifting array of family members and friends. And to make it possible to fit all this activity into a single shift, health systems have equipped nurses with a variety of mobile technologies – workstations on wheels, laptop computers, iPads, mobile phones, and Vocera badges being the most common. And we haven’t even gotten into the details of actually caring for the patients!

 You are also vulnerable to information breaches.

Each time you interact with patient information – whether face-to-face, over the phone, or via one of the many gadgets that occupy your day – your actions either protect or expose patient information. With everything on your plates, it’s easy to understand how you might leave a workstation unlocked and unattended or might misplace a mobile device. Unfortunately, these actions can now have significant negative consequences – for you, your patients, and your organization. Your patient’s identity – and credit – can be impacted for years. Your organization may be heavily fined in addition to paying lawyers’ fees and the cost of notifying affected patients. And you may face civil - and possibly criminal - charges.

Protect your patients. Protect your organization. Protect yourself.

  1. Keep your voice low when speaking with patients and colleagues.
  2. Only share the minimum necessary information to accomplish the task at hand.
  3. ALWAYS lock your work station before stepping away (“Windows” logo key + L).
  4. Double-check for mobile devices before leaving a patient room.
  5. Store mobile devices in locked drawers or a locked room when not in use.
  6. DO use secure email and texting applications.
  7. If you must use an unsecure channel, don’t include identifying information in the message.
  8. Always validate the identity of an information recipient before disclosing PHI.
  9. Don’t use work computers to do personal business or shopping.
  10. If you see something, say something!


Thanks for all you do. Keep up the good work!

As a reward for all your hard work, check out these freebie offers from restaurants just for nurses, gathered onto a single page by Brittney Wilson, The Nerdy Nurse.

And if you think your organization could use an easier way to conduct HIPAA Risk Assessments, HIPAA Training, and manage HIPAA documentation, contact us:  info@ThirdRock.com.

Julie Rennecker, PhD, BSN
About the Author

Julie Rennecker, BSN, PhD is an organizational development consultant specializing in the people and process challenges related to healthcare technology change. With 10 years bedside clinical experience (ICU, ER, behavioral health), a PhD in Organizational Behavior from MIT’s Sloan School of Management, five years on the Information Systems faculty at Case Western Reserve University, and more than 15 years’ research and consulting experience, she brings a unique synthesis of clinical, academic, and industry experience to bear on client problems and opportunities. She holds a Certificate in Health IT and Health Information Exchange from the University of Texas and is a credentialed EpicCare Ambulatory trainer.

%d bloggers like this: