How do you handle patient information on security sign in sheets? - page 2
Hi! New here, be gentle with me! Working home health care in an urban area, I often have to sign in with security when entering a building. The forms often request time in, time out, my name, my company name (no problems so... Read More
- 0Jun 14, '12 by jekisslpnQuote from Chi-townHomeRNActually to calm your nerves I suggest you leave off any designation from your name such as RN and don't fill out the company name. Those are two things the security in the building has no need to know. Without that info nobody who looks at the log will be able to assume anything other than you are a visitor.Hi! New here, be gentle with me!
Working home health care in an urban area, I often have to sign in with security when entering a building. The forms often request time in, time out, my name, my company name (no problems so far) and then the resident's name and apartment number. Those fields make me profoundly uncomfortable from a patient privacy standpoint. It feels very HIPAA-violationy. These forms are quite often left unsecured on a clipboard on a counter accessible to anyone walking in, not behind a desk with a security officer.
I totally understand that secured buildings' management wants this information for safety and accountability, but how can I provide them with what they need while protecting my patients and my license?
Thanks in advance for any suggestions.
- 0Jun 14, '12 by sunflrz321I think what is lost here is that HIPAA exists to protect health information privacy- not any and all information pertaining to the individual. If you pulled up in a van that said ABC home health agency, DEF respiratory supplies, or XYZ DME company, would this patient's neighbors know any more than they do now when you fill out the form as you are currently doing?
I would encourage you to further research the difference between PHI (Protected Health Information) and SPI (Sensitive Personal Information). SPI includes information such as date of birth, SSN#, etc- information we certainly don't want to share. Generally, only PHI is covered under HIPAA. SPI is typically protected under separate organizational policies.
According to the Department of Health and Human Services (http://www.hhs.gov/ocr/privacy/hipaa...ary/index.html), information that cannot be shared due to HIPAA regulation must include one of the following:
- "the individualís past, present or future physical or mental health or condition,
- the provision of health care to the individual, or
- the past, present, or future payment for the provision of health care to the individual"
Most importantly, I would encourage you to always provide the "minimum necessary" information to security. Remember, just because they ask on the form why you are there and what company you are there from doesn't mean you have to answer those questions. Family and friends likely visit these patients too, and they don't have to fill out those boxes to see the patient, so you likely don't have to either. If security does need further information, handing the security staff a business card should likely suffice- then they get the information that you are an RN from ABC home health agency, but that is not connected to the patient and listed on the same form as the patient's name. If you remain concerned, talk with your supervisor, to get his or her take on the matter.