Corporate Compliance

Tip: Safeguard against incidental disclosures

Compliance Monitor, January 26, 2011

What the Department of Health and Human Services (HHS) considers a reasonable safeguard against incidental disclosures can vary depending on the size of the covered entity and the nature of its business. In designing safeguards, healthcare organizations should consider three primary factors:

  • Potential risk to patient privacy
  • Impact on patient care
  • Financial and administrative burdens of implementing safeguards

Common safeguards include:

  • Asking the staff to speak quietly with family members in a waiting room or other public area
  • Avoiding the use of patient names in public hallways and elevators
  • Isolating or locking file cabinets and record storage areas
  • Using password protection for computers that contain PHI

This week’s tip was adapted from The Privacy Officer’s Handbook. For more information about this book, visit the HCMarketplace.

Most Popular