HIPAA Q&A: You’ve got questions. We’ve got answers!
HIM-HIPAA Insider, April 7, 2014
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
In last week’s HIPAA Q&A, our HIPAA expert mentioned that it was appropriate to send emails containing PHI as long as your organization’s server is secured. In instances where a server is not secured, patients should be de-identified. For example, you could refer to someone as "the patient in room 301-A" because a room number is not considered an identifier under HIPAA. In response, one of our readers submitted a follow-up question about identifiers.
Q: My organization views a patient’s room number as an identifier because we think this is information that someone could use to identify the patient. Please explain why this is not considered an identifier? A: A patient’s room number is not considered “identifiable” under the HIPAA Privacy Rule. PHI is considered identifiable if it contains any one of 18 identifiers of individuals and their family members, employers, or household members, including:
- Names
- Geographic subdivisions smaller than a state
- All elements of dates (except for year) for birth, admission, discharge, and death
- All ages over 89, including year
- Telephone numbers
- Fax numbers
- Email addresses
- Social Security numbers
- Medical record numbers
- Health plan beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers
- Device identifiers
- URLs
- IP addresses
- Biometric identifiers, including fingerprints and voiceprints
- Full-face photographas
Want to receive articles like this one in your inbox? Subscribe to HIM-HIPAA Insider!
Related Products
-
Briefings on APCs
Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...
-
HIM Briefings
Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...
-
Briefings on Coding Compliance Strategies
Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...
-
Briefings on HIPAA
How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...
-
APCs Insider
This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- Practice the six rights of medication administration
- Note similarities and differences between HCPCS, CPT® codes
- OB services: Coding inside and outside of the package
- Differentiate between types of wound debridement
- Code diagnoses and outpatient treatment for PTSD
- Q&A: Primary, principal, and secondary diagnoses
- What to include on the incident report
- ICD-10-CM coma, stroke codes require more specific documentation
- Know guidelines and subtle differences in code descriptions for laceration repairs
- E-mailed
-
- Stop emergency department violence against nurses, physicians
- Q&A: Resection or excision in ICD-10
- Can we charge for insertion of a PICC line when a certified nurse performs it?
- Inpatient-only procedures: Accuracy helps avoid denials, ensure compliance
- Joint Commission now allows partially-used oxygen canisters in 'full' rack
- Joint Commission deletes more than 130 requirements, including medical record requirements
- Joint Commission and CMS Alignment: Restraint Management
- IV pushes that last more than 15 minutes
- How to get reimbursed for restorative nursing
- HIPAA Q&A: You've got questions. We've got answers!
- Searched
