HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

HIPAA and Wiretap Act Could Prevent Installation of Nursing Home Cameras

According to a recent CBS Local report, an Illinois house committee will be meeting next week to discuss the privacy issues raised by the installation of web based video cameras in nursing home residents’ bedrooms and how HIPAA Rules and the Wiretap Act regulations can be adhered to.

The installation of video cameras in nursing homes has been proposed following numerous allegations of neglect and abuse in nursing homes throughout the United States. Nursing home employees are also accused of the financial exploitation of residents and each year many reported cases result in legal action. However, proving abuse and neglect in a court of law can be difficult, especially when the victim suffers from dementia or Alzheimer’s.

Action being Taken to Protect Nursing Home Patients

Efforts have been made in both Illinois and Missouri to allow the installation of video cameras in nursing homes to monitor for abuse and to deter staff from abusing residents. When abuse occurs, evidence will be recorded on the cameras or footage can be monitored remotely.

The problem is that video cameras record audio and video feeds, and this information is covered under the Health Insurance Portability Act as Protected Health Information. The information captured by the cameras itself could result in the residents being abused or suffering from financial fraud, should that data fall into the wrong hands.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

As such there are some legal hurdles to overcome before cameras will be allowed to be installed. In Illinois, new legislation is planned to allow the use of the cameras provided consent is obtained by both the resident and their legal guardians.

However, there are also issues with the Wiretap Act. In cases of abuse, since the patient may not know the camera is there, and any person entering the room similarly would not be aware of the camera, consent to film would not be provided and any recorded audio or visual footage may not be used as evidence as it is likely to violate federal wiretapping laws. It has been suggested that the issuing of a public notice about the cameras would help in this regard, but alone that is unlikely to be sufficient.

Then there is the question of what happens to the data. For the cameras to be effective the signal needs to be broadcast over the web and the cameras need to be controlled remotely. There is a big question mark over data security measures that will be put in place to safeguard the data from hackers.

Will that data need to be encrypted? How will access to that data be controlled? Will adequate security measures be installed? These are all serious considerations as there is a potential minefield of privacy and security regulations to navigate. If those rules are breached the Office for Civil Rights can issue fines of up to $1.5 million, civil lawsuits can be filed for damages and state Attorney Generals have now started to issue fines for HIPAA data breaches.

The committee will meet to discuss the issues surrounding the proposal with the matter likely to go to the vote later next month.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.