“I think it’s easy for us nonvaxxers to make assumptions but most of us have never and will never see one of theses diseases. [F]or the first time in my career I saw measles this week. Actually most of my coworkers and the ER docs saw measles for the first time as well. And honestly, it was rough. The kid was super sick. Sick enough to be admitted to the ICU and he looked miserable.By no means have I changed my vax stance, and I never will. But I just wanted to share my experience and how much worse it was than I expected.”
When a parent reposted a screen-shot of the post onto the hospital’s Facebook page, trouble started for the nurse. The hospital stated that it suspended the nurse from seeing patients pending an investigation, and confirmed that while she was in good standing with the licensing board, that it would not comment specifically on her own vaccination status. It also issued the following statement regarding the child in question:
“A patient treated at Texas Children’s Hospital West Campus tested positive for measles. This is a highly-contagious, vaccine-preventable infection. We know vaccination is the best protection against measles. Our Infection Control and Prevention team immediately identified other children who may have come in contact with this patient to assess their risk and provide clinical recommendations. We have contacted all of those families.”
On its face, the nurse’s post certainly appears to be a well-intentioned attempt to inform members about first-hand knowledge of information relevant to the group’s purpose. However, she may have crossed a legal line by continuing her post to claim that the patient had recently traveled to a region “where measles is very common” and speculate that he may have contracted the disease while overseas.
Although the First Amendment provides wide protection from government interference with free speech, the Health Insurance Portability and Accountability Act (“HIPAA“) sets out a complex series of rules designed to protect the privacy of individuals with respect to their personal health information. Like many other laws, HIPAA creates functional exceptions to free speech. Generally speaking, HIPAA makes it illegal for a healthcare provider to disclose individually identifiable health information unless that disclosure falls within a specific authorized category.
As a result, there is a chance that under HIPAA, this nurse may face legal consequences for disclosing her patient’s personal medical information. Given the wording of the nurse’s primary post, she does not appear to have shared any specific identifying information; however, her comments about the child’s recent travels, and the context of a geographically-specific Facebook group do edge the post closer to constituting a HIPAA violation.
All this raises compelling concerns about the consequences of strict privacy laws in the context of communicable diseases. The question of whether or how much to vaccinate children is a pressing one for millions of parents; timely, accurate, and relevant medical information from professionals is exactly what such parents need to access to educate themselves.
This particular case also opens important lines of inquiry that, hopefully, the hospital is considering. Was the whistleblowing parent simply a good samaritan concerned about patients’ privacy? Or did that person have a personal connection to the case? Was the nurse’s post given heightened scrutiny because it appeared on an anti-vaxx page, as opposed to a page with a more general (or perhaps more popular) mission? These and more are sure to come up as the hospital completes its investigation and the nurse meets with her attorneys.