Question: Many of our physicians speak with patients or other treating physicians over the phone. Is their conversation protected by the HIPAA privacy or security rules? -- Texas Subscriber Answer: "You don't have to worry about the security rule, but the conversation is subject to the privacy rule," affirms Jason Levine, a consultant with Murer Consultants in Joliet, IL. The conversation would only fall under the HIPAA security rule if it were somehow computerized before transmission, he adds. Your physicians need to take appropriate measures to ensure that they are adhering to your HIPAA privacy policy and procedures to avoid a violation, experts say. Tip: "Make sure you aren't using your cell phone where people can overhear you and know whose information you are discussing," reminds Clark Stanton, an attorney in the San Francisco office of Davis Wright Tremaine. The Bottom Line: You should always look to state guidelines in these situations, but overall, you have to think about patient privacy when transmitting any PHI over the telephone, Levine explains. "All communications with or about patients are covered by the privacy regulation," adds Stanton. Remember: The behavior, not the conversation, is regulated by the privacy rule, says Gwen Hughes, director of e-HIM Consulting Services at Chicago's Care Communications. If the behavior follows solid policies and procedures, your organization will remain HIPAA compliant, she maintains.