Zip your lip -- a weekly HIPAA message
1. We know that diagnoses and test results are confidential. What other information about a patient is confidential? What about billing records?
2. What patient information can we disclose to any caller or visitor who asks?
1. Essentially any information that is patient-identifiable, even the patient's address, is confidential and must be protected. Also, removal of the patient's name does not mean the patient's identity is protected; other information such as a medical record number, prescription number, a ZIP code, or a date of birth could still be used for identification.
2. Directory information -- name, hospital location, and general condition -- may be available to the public when the patient has agreed and the caller asks for the patient by name. Patients who have agreed are listed in the directory. Patients who are listed as "do not announce" do not want their information given out, and we must be careful not to let that happen. Be sure you know how to identify which patients have agreed and which have not.
If you're a manager, please ensure all of your employees are informed of the contents of these messages and how it applies to your work area. Some ways of sharing the information include discussions during staff meetings, printing and posting this message or asking your employees if they have any further questions.