Practice Management Alert

Question: One of the physicians in my practice demands we use a sign-in sheet—he says that the sheets offer “proof” of a patient’s visit. Do sign-in sheets violate a patient’s rights under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule?

AAPC Forum Participant

Answer: The U.S. Department of Health and Human Services (HHS) says that incidental exposures, like the announcement of a name by a nurse, to call a patient into an exam room from the waiting room, or a sign-in sheet, depending on the information included, are OK. To remain compliant with the HIPAA Privacy rule, the sign-in sheet should not list the reason the patient is seeking medical care. HHS says: “… incidental disclosures are permitted only when the covered entity has implemented reasonable safeguards and the minimum necessary standard, where appropriate. For example, the sign-in sheet may not display medical information that is not necessary for the purpose of signing in (e.g., the medical problem for which the patient is seeing the physician).”