Beyond HIPAA: simple ways to protect patient privacy

Beyond HIPAA: simple ways to protect patient privacy

Thanks to HIPAA, all practices now have policies, procedures and systems in place to protect patient privacy. Because consumers have become sensitive to this issue, it’s good public relations to not only comply with the required privacy regulations, but also to take steps that make the fact that you’re doing so obvious. Here are eight simple steps you can take that will make it apparent to your patients that you take protecting their personal privacy and health information seriously.

  1. If you have patients sign in on a clipboard at the registration desk when they arrive at your office, be sure to use sign-in sheets that hide the names of patients as they check in. (Here’s a sample.)
  2. Add a question to the forms your patients update at each visit that asks whether it’s okay for your practice to leave messages and appointment reminders on an individual’s home phone and/or cell phone.
  3. When mailing test results to patients’ homes, don’t include the name of your practice in the return address. Have envelopes printed or order a return address stamp that includes only your street address, city, state and ZIP to use for patient communication.
  4. Post a tasteful notice in the lobby and in each exam room that reads: “We take protecting your privacy seriously. Should you have any concerns, please ask to speak to our practice manager.” Short and to the point, this lets patients know that you’re paying attention and that they are free to bring issues to the attention of an individual in authority. (Click here to see another example.)
  5. Make sure that your exam rooms are soundproof. The fact that they are won’t necessarily be obvious to patients, but if they aren’t, that fact will be all too apparent.
  6. Position exam tables so that patients are exposed as little as possible when someone is entering or exiting the room. Even though they’re wearing a gown, most people feel a tad vulnerable when perched up on a table, feet dangling, and not wearing a whole lot.
  7. Angle computer screens and/or use privacy screens so that individuals can’t catch a glimpse of what could be confidential information. If you have computer terminals in exam rooms, make sure that doctors and staff log off whenever they leave patients alone in the room and set screen savers to kick in after one minute of inactivity.
  8. Train your staff on the basics such as making sure documents that include private information are placed face down or otherwise hidden from view of other patients and not using patient names within earshot of other patients. The occasional reminder that patient information is available to staff on a need-to-know basis is also helpful (i.e., if Brad Pitt happens to become your patient, that doesn’t mean everyone in the office gets to read his file).