Question: What guidelines should our group follow to protect the privacy of patient information in public areas? For example, we keep our charts in a rack visible to visitors who enter our office. The charts show the patient’s name and physician’s name; no testing or code indicators are visible?
Answer: You’re definitely on the right track because you aren’t disclosing code or testing information. But there are even more steps you can take to ensure your patients’ privacy and meet HIPAA requirements.
Step 1: Explore the option of moving the chart rack to an area that is not visible to all the visitors entering your office.
Step 2: Consider not including the physician’s name on charts that could be visible to visitors.
Step 3: Instead of using a patient’s full name, use her first initial and last name (or first initial and only the first few letters of the patient’s last name). Not only does this help guard patient privacy, but using this method, the patient’s gender remains undisclosed, which provides even greater security as a passer-by would know even less about the patient.
Trap: If your organization used first name and last initial, there would be a greater likelihood of having two people with the same first name and last initial in the same room. The same problem would occur if you used first initial and last initial.