Hi, My name is XXXXX XXXXX I’m happy to assist you with your question today.
Communications and information are HIPAA protected if they are protected health information. Protected health information is information, including demographic data, that relates to the individual’s past, present or future physical or mental health or condition,the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual,and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.
The answer to your question really depends on the level of access the patient had on the computer. If he did not have access to or review the medical records information on the compute, then there would be no HIPAA violation. HHS recommends employers have physical safeguards to unauthorized persons even having the ability to access protected information (one of which would be that non-authorized persons do not use computers with access to patient databases), but there is no requirement that employer have adopted these safeguards. It may in fact be a policy of your employer that non-authorized persons do not use these particular computers that have access to patient databases, but that alone is not a violation of HIPAA. The patient would have had to actually review patient records to violate HIPAA. Nothing in your question suggests the patient was reviewing patient records. Thus, a HIPAA violation likely did not occur.
I believe this answers your question. However, if you need clarification or have follow-up questions regarding this matter, I will be happy to continue our conversation – simply reply to this answer. If you are otherwise satisfied with my response, please leave a positive rating as it is the only way I am able to get credit for my answers. Thank you, XXXXX XXXXX wish you all the best with this matter.