HIPAA, the Health Insurance Portability and Accountability Act, is supposed to protect your privacy as a patient. It's complicated, and complicated laws are apt to have unintended…
In today’s world, we are constantly hearing about identity theft and cyber attacks. These concerns can easily spill over into the healthcare system, when it comes to protecting a patient’s private information. HIPAA is important to patients, because not only is their personal data on hand at any place they receive medical care, but their medical records are on file as well. Here are a few areas where medical staff must be on guard, so they do not violate HIPAA laws, which could compromise a patient’s protected health information.
1.) Correctly Verifying Patients
With so many people coming and going, it could be easy for medical staff to mix up patients. This could be even more likely to take place if patients have similar names, or the same names as other patients, which is bound to happen eventually. Thus, verifying each patient every time is vital. Staff should ask each patient their date-of-birth at every encounter, both in person and on the phone. If there is more than one patient in the system with the same name and birthdate, staff should ask the patient to verify additional information, such as their address, phone number, or part of their SSN.
Patients need to be able to trust that their information is safe, even if they have a common name. They shouldn’t have to worry about a copy of their office note being given to a completely different person, because staff didn’t verify date-of-birth. Additionally, properly verifying patient information can prevent such disasters as a person being given the wrong treatment, medication, or procedure.
2.) Not Disclosing Information to the Wrong People
Medical personnel needs to be on guard against giving information to those who are not entitled to it. Realistically, this will sometimes include a spouse or other family members of a patient, should the patient decide not to list them as individuals who their information can be released to. Even disclosing the fact that a person is a patient can violate HIPAA, if the individual that is told to is not listed on a release form.
Patients need to trust that their medical providers can keep their information secure, even from nosy family members, neighbors, or friends. This can be even more important in extreme circumstances, such as if a child has been abused, and the person responsible is trying access records that document the abuse.
If medical staff personally knows a patient, they need to keep the fact that they are a patient confidential. They cannot go home and tell someone that they happened to see this person at work that day.
3.) Keeping Electronic Information Secure
Medical staff must be vigilant with keeping electronic information secure. This means using passwords properly, and not sharing these with their coworkers- even if it would be convenient to do so.
Staff should make sure they don’t leave their computer or laptop unattended and unlocked, for just anyone to grab, jump on, or view. Computer screens should be out of the sight of patients, especially while staff is accessing patient information. When scheduling a person, a staff member cannot let the patient look at the schedule, because they would be able to see the names of other patients who have appointments, which would be a HIPAA violation.
By being careful in these 3 areas, medical staff can ensure they are following HIPAA laws, and safeguarding the information of the patients they deal with. Patients will appreciate their private medical records and personal data being handled with care. This will increase the patient’s’ trust in their medical providers, and ultimately can result in better care for them.