You’ve heard all about HIPAA by now, but did you know that you (at the front desk) could easily be the first line of defense in your office against a potential HIPAA violation? Can you spot the difference between an "incidental disclosure" of protected health information (PHI) and a HIPAA privacy-rule violation? Better yet, can you hear the difference?
You can minimize most incidental uses and disclosures involving paper or electronic forms of PHI by moving medical charts or computer screens out of ready view. But more often than not, incidental PHI disclosures would likely result from overheard conversations within your office. It’s easier to overhear and harder to fix those overhearing problems than it is to move a physical piece of equipment or documentation.
Have a look at these four conversations and determine for yourself whether each is a permitted incidental disclosure under HIPAA or an impending privacy violation:
Conversation #1: A patient waiting in an examination room overhears a nurse relaying another patient’s test results to a physician in the next room.
Conversation #2: A patient overhears two staff making unkind comments about the waist measurement of a patient who’s expecting triplets.
Conversation #3: A patient overhears a conversation between a receptionist and an insurance-company representative during which the receptionist is attempting to secure preauthorization for another patient’s procedure.
Conversation #4: A bartender overhears your medical assistant telling a friend about a famous actor who visited your office today.