American Osteopathic Association

Advancing the distinctive philosophy and practice of osteopathic medicine

Safeguarding Patients' Protected Health Information

Wondering how to better safeguard your patients' protected health information (PHI), as required under the final HIPAA omnibus rule? Here are some examples of reasonable safeguards you can implement to protect your patients' privacy. Note that these examples are not exclusive; to be HIPAA-compliant, always limit your incidental uses and disclosures of PHI.

Bedside and Chart Information

If you:

  • Maintain patient charts at bedside or outside exam rooms

  • Display patients' names on the outside of their charts

  • Display patient care signs (e.g., "high fall risk" or "diabetic diet") at the patient's bedside or at the doors of hospital rooms

You can safeguard your practice by:

  • Placing patient charts in their holders with identifying information facing the wall

  • Limiting access to these areas or escorting non-employees in the area

  • Supervising areas where charts are accessible


Spoken Information

If you announce patient names and other information over your public address (PA) system, you can safeguard your practice by:

  • Limiting the information disclosed over the PA system

  • Referring your patients to a reception desk where they can receive further instructions in a more confidential manner

Visual Information

If you:

  • Use X-ray light boards

  • Log patient information on white boards at a nursing station

You can safeguard your practice by relocating light boards and white boards to areas not generally accessible to the public.

