This document discusses how to keep patient information confidential. It states that only clinicians involved in a patient's care, the patient themselves, and staff involved in billing and coding should access confidential patient information. It should not be accessed by uninvolved clinicians, curious staff, or those who cannot justify their access. The document provides tips for keeping information safe such as logging all access, educating users, designating a compliance officer, using patient aliases, shredding documents, using fax coversheets, and only accessing records with a valid reason.
2. Who Should Access
Confidential Patient
Information
• Clinicians during the course of treating a patient
• The patient
• Hospital staff that utilizes information for billing and
coding such as Health Information Management
• Designated persons by the patient that have signed
necessary consent forms
3. Who Should NOT Access
Confidential Patient
Information
• Clinicians that are NOT involved in active patient
care and treatment
• Staff that is NOT utilizing patient information for the
purposes of treatment, billing, or coding.
• “Curious Staff” or persons
• Any member of the organization who cannot
document, as needed, the reasons for accessing
the record
4. How to Keep It Safe
• Put a footprint in the patient record showing who
accessed the record and their relationship to the
patient as part of the care team.
5. How to Keep it Safe
• Ensure that each user is educated on the importance
of keeping their password in a safe place and not
sharing with other employees. Have yearly training
and re-education on the importance of privacy within
your organization.
6. How to Keep it Safe
• Have a dedicated compliance and security officer
in place within your organization. Policies and
procedures should be in place regarding privacy
that clearly outline the repercussions of security and
privacy violations.
7. How to Keep it Safe
• Utilize patient aliases within the patient registration
and electronic health record to ensure the privacy
of famous or “well known” individuals.
8. How to Keep it Safe
• Shred documentation with patient information
attached
• Utilize fax cover sheets when faxing or sending
patient records
• Use general rule of thumb – don’t access ANY
record without a valid reason for reviewing