Health Information Management

HIPAA Q&A: Physicians treating family members

HIM-HIPAA Insider, March 29, 2010

Q. What safeguards should physicians who treat family members consider?

A. Reasonably ensure the maintenance of relevant audit logs. Also, consider a regular review of patient charts for family members treated regularly. These measures are necessary to reasonably ensure that access to the medical record, whether paper or electronic, is related to treatment, payment, or healthcare operations only.

Securing the charts of family members in a locked receptacle or cabinet is a wise precaution. These charts may be provided to physicians for appointments with family members or when a chart review or consultation is necessary. The HIPAA Privacy Rule does not require these measures; they are merely additional steps to help protect the practice, family members, and physician if the physician is later accused of accessing family members’ files for reasons other than treatment.

Editor’s note: Chris Apgar, CISSP, answered this question. This is not legal advice. Consult your attorney regarding legal matters. Apgar is president of Apgar & Associates, LLC, in Portland, OR. He has more than 17 years of experience in IT and specializes in security compliance, assessments, training, and strategic planning.

Most Popular