Who Should Access Confidential Patient Information0 Clinicians during the course of treating a patient0 The patient0 Hospital staff that utilizes information for billing and coding such as Health Information Management0 Designated persons by the patient that have signed necessary consent forms
Who Should NOT Access Confidential Patient Information0 Clinicians that are NOT involved in active patient care and treatment0 Staff that is NOT utilizing patient information for the purposes of treatment, billing, or coding.0 “Curious Staff” or persons0 Any member of the organization who cannot document, as needed, the reasons for accessing the record
How to Keep It Safe0 Put a footprint in the patient record showing who accessed the record and their relationship to the patient as part of the care team.
How to Keep it Safe0 Ensure that each user is educated on the importance of keeping their password in a safe place and not sharing with other employees. Have yearly training and re-education on the importance of privacy within your organization.
How to Keep it Safe0 Have a dedicated compliance and security officer in place within your organization. Policies and procedures should be in place regarding privacy that clearly outline the repercussions of security and privacy violations.
How to Keep it Safe0 Utilize patient aliases within the patient registration and electronic health record to ensure the privacy of famous or “well known” individuals.
How to Keep it Safe0 Shred documentation with patient information attached0 Utilize fax cover sheets when faxing or sending patient records0 Use general rule of thumb – don’t access ANY record without a valid reason for reviewing