HIPAA Alert: Privacy and Confidentiality

Information about patients, employees and a covered entity (CE) itself is confidential. Such information may only be accessed and/or discussed in the line of duty and only with those who have a work-related need to know.

Employees are accountable to protect patient/customer confidentiality ON or OFF duty.

Employees have additional responsibilities under the HIPAA Privacy and Security regulations, and a CE has policies related to those regulations. Any access and/or release of confidential information may be cause for corrective action up to and including termination.

Specific complaints made against our organization include:

• Front desk staff speaking too loudly when confirming patient information
   
• Patients overhear staff discussing another patient while waiting in the exam room, standing at the nurse’s station or waiting in the lobby
   
• Staff discussing patient information in hallways or the elevator
   
• Detailed appointment or result information left on voice mails or answering machines

Patients are extremely sensitive to issues of identity theft and personal privacy. Any misstep in safeguarding that information jeopardizes their trust in our organization.  

Imagine that you are the patient, and it is your information that is being discussed. Then adjust your volume, tone and speech accordingly.

If you have any questions about how Methodist handles HIPAA security, please contact HIPAA Privacy Officer Zorana Vojnovic at 354-6863 or @email.