Reader Question:
Follow These Points to Help Protect PHI
Published on Thu Mar 12, 2020
Question: I’m always concerned about protecting our patients’ health information, especially if they receive care that they don’t want to become common knowledge. What’s your advice for these situations, especially when the patient receives care from multiple departments in the hospital?
New Jersey Subscriber
Answer: You’re smart to be concerned on your patients’ behalf. Just because you flag a service that a patient doesn’t want disclosed to their health plan doesn’t mean that information couldn’t still get leaked or pop back up at any time, such as during follow-up care services. But you can plug these holes by asking certain questions to dig down into your organization’s information flow.
- When a patient requests that you not disclose protected health information (PHI) to their insurer, make sure you can thoroughly honor this request by asking and answering the following questions:
- When the physician writes their plan for the patient, where in the record will the patient’s disclosure-restriction request be identified?
- How will the information travel to various departments?
- Who will receive the information, and how will they receive it?
- Are there checks and balances built into the system to identify that the information is traveling to the end user?
- How can the patient be assured that the information will remain confidential?
- If the patient’s disclosure-restriction request is breached, what systems will go into effect to ensure that other patients’ information is not at similar risk?