Question: Do you have any advice to help us protect our patients’ health information, if they receive care from multiple departments in the hospital? We are really interested in learning the best way to protect this info if the patient receives care that she doesn’t want to disclose to her health plan. Alaska Subscriber Answer: Unfortunately, just because you flag a service that a patient doesn’t want disclosed to her health plan doesn’t mean that information couldn’t still get leaked or pop back up at any time, such as during follow-up care services. But you can plug these holes by asking certain questions to dig down into your organization’s information flow. When a patient requests that you not disclose protected health information (PHI) to her insurer, make sure you can thoroughly honor this request by asking the following questions: Bottom line: “Since OCR [Office for Civil Rights] will expect you to follow any policy in place or agreement made, don’t agree to sequester PHI if your system isn’t reasonably able to do so,” advises Terri Brame Joy, MBA, CPC, COC, CGSC, CPC-I, director of operations with Encounter Telehealth in Omaha, Nebraska.