HIPAA Privacy Assessment Checklist

February 18, 2013

Privacy Walk Through                                                   Facility: _______________

Department: _____________________________     Date: _________________

COMPUTER SCREEN

YES/NO/NA/COMMENTS

  • Computer screen cannot be easily read from “public area”.
  • Unattended computers are returned to the logon screen.
  • Other

RECORD SECURITY

YES/NO/NA/COMMENTS 

  • Documents w/ PHI are face down or concealed from “public area”.
  • Other

FAX/PRINTER

 YES/NO/NA/COMMENTS

  • Fax machine is in a secure area.
  • Fax cover sheet is compliant (has necessary elements).
  • Printer is in a secure area.
  • Other 

WHITE BOARDS/POSTED PATIENT LISTS 

YES/NO/NA/COMMENTS

  • Posted pt information on white board – maximum info of pt last name & 1st No dx.
  • Patient lists are in secure location.
  • Other 

PATIENT INTAKE/WAITING AREAS 

YES/NO/NA/COMMENTS

  • Sign-in lists – maximum of first name and last name.
  • Prior name on list is blackened out or removed from view.
  • Patients are called by either first name or last name only.
  • Other 

AUDIBLE CONVERSATIONS 

YES/NO/NA/COMMENTS

  • Patient care discussions avoided in front of other patients/visitors in common areas (e.g., nurses' stations, waiting rooms).
  • Volume of conversation is adequate (not unduly loud).
  • PHI not discussed by workforce in elevators.
  • PHI not discussed in public dining areas. 

PATIENT ROOMS 

YES/NO/NA/COMMENTS

  • Written PHI cannot be easily viewed/accessible by visitors.
  • White Boards do not identify dx or sensitive tests to be done.
  • Unattended computers are returned to the logon screen.

INTERVIEW WITH PATIENT 

YES/NO/NA/COMMENTS

  • Are staff members always conscientious about protecting your privacy, such as the privacy of your health information or your personal privacy?
  • Do you have any concerns that our facility is not addressing in protecting your privacy? Is there anything we could do better?
  • Hello, my name is _________ from the Health Information department. I wanted to say hello and make sure __________ Hospital is doing our job to protect your confidentiality and privacy. Would you mind if I ask you a couple of questions?
  • Thank you for taking the time to allow me to talk with you today. We want you to know that we want to make sure we take the necessary precautions and actions to protect your privacy. 

OTHER COMMENTS/FINDINGS 

YES/NO/NA/COMMENTS
