The Health Insurance Portability and Accountability Act (HIPAA) safeguards protected health information (PHI) while allowing health care workers to share data to improve patient care coordination. This allows health care workers to treat a patient while also protecting their privacy. Here are some pointers to ensure you’re obeying the rules:
Keeping PHI Confidential
- Patient medical records: Secure your workstation before stepping away.
- Census reports (or any patient identifying information) – These documents must be covered and away from the public touch and sight.
- Printers: Print to the correct printer location and check to ensure you remove patient identifying papers from the printer immediately.
- Access to patient information on shared drives: Do not place patient information on any shared drive or public access area.
- Conversations regarding patients: Safeguard patient privacy by being aware of your surroundings and speaking only in appropriate areas to appropriate individuals. Don’t share patient information beyond the professional bounds of your role.
- Secure your physical space: Ensure that your workstation area isn’t accessible to non-approved individuals, so they cannot view any information.
Sharing Patient Information with Family Members and Others
Unless a patient explicitly requests otherwise, there are strict limits on who information can be shared with. You may:
- Inform only those the patient has identified as involved in their care or responsible for their care about their condition or whereabouts.
- Include basic information such as the patient’s phone number and room number in a hospital directory.
- Provide clergy with information regarding a patient’s religious affiliation.
Protect Health Information on Mobile Devices
- Ensure your devices have a strong password(s) enabled.
- Enable encryption.
- Install and activate remote wiping or remote disabling.
- Disable file sharing applications.
- Review all mobile applications before installing.
- Don’t leave your mobile device unlocked.
- Before discarding or reusing the mobile device, delete all saved health information.
Reasons That Can Lead to Confidentiality Breaks
- Carelessness: Not thinking about how information should be appropriately protected.
- Curiosity or Concern: Wrongfully sharing information because you are interested or want to help someone other than the patient.
- Personal Gain or Malice: Accessing, reviewing, or talking about patient information for personal gain or to cause harm by leaking information.
- Accidental Disclosure: This frequently happens when sending patient information via fax, mail, text, or other. Be mindful and double-check that you have the correct information before sending it.
HIPAA rules are important because they protect your patient and yourself. It’s helpful to refresh what you can and cannot share every once in a while, and keep in mind that respecting patient/client privacy is your duty as a health care worker.