Hospital didn't tell police missing man was already found
»Play Video
SALEM, Ore. -- Police were searching for a missing man for two days until they realized Thomas Dill wasn’t missing at all. He had been in the hospital for a week and a half following a car crash.
Staffers at Salem Hospital failed to inform police of this crucial piece of information because of a federal privacy law. HIPAA, or Health Insurance Portability and Accountability Act, limits what information medical personnel can release to the public and police.
But in this case, police think the hospital took it too far when a staffer told officers Dill wasn’t there.
When police began investigating the case, there were some strange signs. His apartment was unlocked. Dill’s white sports car was in the parking lot with the window down.
Police knew the retired steel worker had diabetes, so they issued a news bulletin in hopes someone knew his whereabouts.
“Mr. Dill had simply vanished in our opinion,” Lt. Steve Birr said.
He had been at the Salem Hospital all along.
Police did receive two anonymous phone calls, which Birr believes were hospital staff.
“They were concerned. They didn’t want to violate HIPAA, but they didn’t want us to be looking for someone who had been found.”
The privacy law says hospitals can release information to police when they are “identifying or locating a suspect, fugitive, material witness or missing person.”
When reached for comment, a hospital spokesman said the hospital was looking into the situation.
“Patient privacy and safety is our No. 1 concern,” hospital spokesman Mark Glyzewski said. “We also want to ensure that we’re doing the right thing legally.”
The article states
" The privacy law says hospitals can release information to police when they are âidentifying orÂ
locating a suspect, fugitive, material witness or missing person.â
When the hospital staff said that the patient was not there, they lied to the police.
Hospital personnel should be made aware that is is okay to release certain information to theÂ
police, or family of the patient.  No information regarding his medical condition or treatmentÂ
need be released, but the fact that someone is actually in the facility should not be hiddenÂ
from police or family in such situations as this missing person case.
By personal experience as a HIPAA Compliance Officer implementing the Privacy Rule, I can tell you that HIPAA privacy regulations are VERY complex and have really nasty, scary teeth (which provide less protection to the patient than to the insurance companies, BTW) and that the average healthcare worker does not know all of the rules by heart nor is that average worker authorized to make a judgement call whether to release information or not (because of the potential sanctions for even a minor breach) so they all tend to take the "safest" course of "knowing nothing". The healthcare industry has been nearly terrified of the Privacy Rule since it was first proposed (an entire branch of costly premium legal practice developed around the rule) and at this point it has become the basis for what might best be called employment-related bullying: the mere threat of a HIPAA violation complaint strikes utter terror into the hearts of most healthcare workers.
That said, the standard response to an incident like this will be (and only perhaps should be) to post notice cards at all reception / public information / nursing stations in the hospital, declaring when employees may or may not disclose that a person is a patient of the facility. These placards will compete for posting space with dozens of other notices - some of which will be much more important to actual patient safety - and another defacto fight will break out over the very limited "real estate" in typical healthcare facilities: a battle rather reminiscent of Whack-A-Mole with myriad notices playing the "moles". Some other important notice will get buried and sadly, another tragic incident of some different sort will arise because of that.Â
And the great god Bureaucrates will be propitiated by the killing of more trees, the firing of more well-meaning but hapless healthcare workers, an the deaths of more patients due to preventable medical errors or delayed/denied care...
I feel the hospital and staff acted appropriately, based on information provided in this story. The idea that police could receive patient information on their declaration of âidentifying or locating a suspect, fugitive, material witness or missing person." is too broad and can potentially be abused by police. Sorry, just not comfortable police having this type of information access without a search warrant or court order.
Uh, this was a MISSING PERSON, Hospital people! You (management) need to train your staff in how the HIPAA law is applied.
Seriously?! If the police are looking for a missing person and they are in the hospital, it is irresponsible and stupid to not notify the police. It was an emergent situation.Â
I swear. The more news stories I read, the more appalled I am at today's society. This world is filled with freaking idiots.
@Tattooed_Angel2Â
In all fairness, it was probably a person who wasn't properly trained regarding the HIPAA law. Management needs to be brought to task in this case, IMHO.
Oh FFS. Â
"The privacy law says hospitals can release information to police when they are âidentifying or locating a suspect, fugitive, material witness or missing person.â" Â Missing...person....hmmm....