• E-mail
• Print
• RSS

Limit incidental HIPAA disclosures with a clear policy, practical steps

Compliance Monitor, January 4, 2006

Want to receive articles like this one in your inbox? Subscribe to Compliance Monitor!

Your HIPAA policy should suggest ways to limit incidental disclosures. Frank Ruelas, compliance officer for Gila River Health Care Corporation in Sacaton, AZ, and Linda Rean, health information management (HIM) supervisor at Seneca Healthcare District in Chester, CA, suggest implementing the following steps to prevent against incidental disclosures:

Confine patient discussions to patient care areas. This is a good baseline defense against incidental disclosures. "If two employees of a health facility go out to lunch, a really big no-no is to discuss patient healthcare," Rean says. Not only is this bad manners, but it's inappropriate-even in a hospital cafeteria. Leave patient discussions to areas in which patients receive care and where your strongest privacy protections are in place.

Create privacy at admitting stations. An admitting station is often inundated with patients signing in and admissions personnel talking on the phone. Do your best to keep these two parties separate so patients don't overhear private conversations. If you can, separate the two functions entirely.

Take sight-lines into account. At Seneca, nursing stations used to have low counters. To keep PHI out of sight, Rean raised the counter height and required employees to place all patient material on a lower counter, out of the normal line of sight. "It was a small detail, but it made a difference," she says. "While that might have been an incidental disclosure if we had kept the old system, it wouldn't have been a best practice." She also suggests turning computer monitors away from public viewing angles.

Use common sense on the phone. Take steps to avoid being overheard. If possible, close the door, speak in a reasonable volume, and avoid using a speakerphone when talking about patients during phone calls, Ruelas advises.

Editor's note: Adapted from "Shut the door on incidental disclosures with a clear policy," Briefings on HIPAA, December 2005.

Want to receive articles like this one in your inbox? Subscribe to Compliance Monitor!

• E-mail to a Colleague
• Print
• RSS
• Archive