DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.
Introduction
This article discusses job shadowing, along with HIPAA issues related to job shadowing.
What is Job Shadowing?
Medical job shadowing involves a student, typically an undergraduate, observing a working medical professional throughout that medical professional's typical work day. Medical job shadowing typically involves following and observing a physician, nurse, or other healthcare professional while these individuals conduct their work in a healthcare setting (e.g., clinical setting or hospital setting). Many medical schools and professional healthcare programs require applicants to complete job shadowing hours as a prerequisite to admission.
What is the Difference Between Job Shadowing and Volunteering?
Job shadowing is distinct from volunteering. The difference between job shadowing and volunteering is that job shadowing is observational in nature. A pre-medical student who is a job shadower observes as a healthcare professional provides care to patients. Observation occurs under the appropriate supervision of a licensed physician or other licensed healthcare professional. This professional is often referred to as a preceptor.
Can a Patient Refuse to be Shadowed?
A job shadower watches a physician as the physician or clinician performs their duties. Observing medical procedures implicates privacy and confidentiality concerns. Job shadowing may involve the "shadower's" being exposed to patients and their protected health information (PHI).
A patient should be given the opportunity to consent to have a job shadower present while treatment is being rendered. If the patient consents (or, if the patient's personal representative consents), the consent should be documented. If the patient does not consent, the consent should be documented. If a patient refuses to consent, heir decision must be respected by the healthcare provider and observer.
What Responsibilities Does a Job Shadower Have?
A job shadower must agree to keep information the shadower learns or observes about the patient, confidential. The provider who permits the shadower to observe, may require the shadower to enter into a confidentiality agreement, in which the shadower agrees to keep information learned about the patient confidential and to not share that information with or disclose it to anyone.
Does Job Shadowing Require Patient Authorization?
HIPAA requires covered entities (CEs) to safeguard the privacy and security of PHI. As noted above, one way to secure the privacy and security above is to require a shadower to enter into a confidentiality agreement,
The HIPAA Privacy Rule provides that covered entities may, without patient consent, use or disclose PHI to carry out treatment, payment, and healthcare operations.
Healthcare operations include, among other things, “conducting training programs in which students, trainees, or practitioners in areas of healthcare learn under supervision to practice or improve their skills as health care providers, [and] training of non-health care professionals, accreditation, certification, licensing, or credentialing activities.”
Job shadowing is generally regarded as a healthcare operation. Healthcare operations PHI uses and disclosures associated with the conducting of training programs generally do not require written patient authorization. As noted above, though, consent should be obtained before a shadowing encounter.
Whether job shadowing is (a) a healthcare operation (e.g., does it constitute "training"); and (b) constituting "performance of work" is a question to be answered by qualified legal counsel.
Must a Job Shadower Receive HIPAA Training?
The workforce of a covered entity is defined as “employees, volunteers, trainees, and other persons whose conduct, in the performance of work for a covered entity, is under the direct control of such entity, whether or not they are paid by the covered entity.”
A job shadower that shadows a clinician is generally regarded as a workforce member. The shadower's activities are generally considered to be under the clinician's direct control. Workforce members must receive HIPAA training, so training of job shadowers on HIPAA would be required.
May a School Provide HIPAA Training?
In many instances, there is an agreement between the educational institution the student shadower attends on the one and, and the healthcare setting (e.g., hospital, teaching hospital) on the other, under which training is specifically designated as the responsibility of the healthcare setting. These agreements may also address issues such as confidentiality agreements and notice to the patients regarding the participation and presence of students in care settings.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article