Q: Does HIPAA address the use of cell phones and PHI? Is calling a practice's physicians or on-call staff members to relay information regarding a patient acceptable?
HIPAA Weekly Advisor, August 11, 2008
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
A: HIPAA does not specifically address cell phone use. However, HIPAA addresses avoidance of incidental disclosures whenever possible. In practical terms, when using a cell phone to discuss patient information, do so in an area where unauthorized individuals are not likely to overhear your conversations.
Communicating information via cell phone increases the risk of exposure because transmission is wireless, unlike with landlines. You may choose to document this as an acceptable risk, and although it would not necessarily constitute a HIPAA violation, it nonetheless represents a risk of which you should be aware.
The use of cell phones to transmit text messages or e-mail messages about patients is generally an unwise practice. As the sender of information, you may be able to guarantee that your cell phone carrier is secure, but there is no guarantee that the message recipient has a secure carrier. This is similar to sending unencrypted e-mail via the Internet, which is potentially a HIPAA violation—not to mention a liability risk for the sender if an unauthorized individual intercepts the information.
Editor's note: Chris Apgar, president of Portland, OR-based Apgar & Associates, LLC, answered this question. This is not legal advice. Consult your attorney with respect to legal matters.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Comments
0 comments on “Q: Does HIPAA address the use of cell phones and PHI? Is calling a practice's physicians or on-call staff members to relay information regarding a patient acceptable? ”
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- HIPAA Q&A: Level of encryption needed for email
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- OB services: Coding inside and outside of the package
- QA:Coding multiple initial infusions
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- What does case-mix index mean to you?
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched